Skip to content

Latest commit

 

History

History
142 lines (96 loc) · 6.16 KB

fingerprint.mdx

File metadata and controls

142 lines (96 loc) · 6.16 KB
Raw
title description meta_tags namespace permalink
How to install the Fingerprint integration through Azion Marketplace
Use this integration to capture devices and network data to better identify devices accessing your applications.
protection, cybersecurity, edge computing
docs_use_case_fingerprint
/documentation/products/guides/fingerprint/

Azion Fingerprint enables you to capture device and network data to better identify devices accessing your applications. It can be classified as a Session Fingerprinting integration and uses the collected data to generate a unique identifier and add it as a request header.

This integration includes two features:

  • A browser-level script (optional): a JavaScript code that could be added to the web page. It captures data about the browser and sets it as a session cookie named _azfp_sc, so this data is always sent by the browser. Even when the usage of this script is optional, it increases the precision of the integration.
  • An edge function (mandatory): a function to capture connection-related data as well as the "frontend fingerprint" (created by the browser script), when available, to create the session fingerprint. It'll then add this fingerprint as a request header named X-AZFP.

Embedding the script

The browser script is a JavaScript code that runs on the web page you want to fingerprint, a process also known as JavaScript injection. It captures multiple data from the web browser:

  • Audio and video support
  • Canvas rendering
  • If the browser has access to device-level API, such as accelerometer and gyroscope
  • Manufacturer's data
  • Timezone
  • WebGL rendering

Then, it creates a unique identifier containing all this information and sets it as a session cookie named _azfp_sc, as cookies are always sent in the requests made by the browser. The script checks if the session cookie already exists. If so, it won't create a new one.

Azion provides a code sample for this JavaScript injection that you can include in your project. To do so:

  1. Add this file to your HTML source, following this example:
<script src="https://mal2u8n8zk.map.azionedge.net/274addd29ac1edb2b200a297b98581cd88465e2ee36f18cfdbdc063402063fe5.js"></script>

Alternatively, you can also:

  1. Copy the code in this file.
  2. Create a new JavaScript file with the code.
  3. Include the JavaScript file in your project folder.
    1. In this example, the file name is fingerprint-script.js
  4. Then, add it to your HTML source, following this example:
<script src="https://example.com/fingerprint-script.js"></script>

Where:

  • https://example.com/ is your domain.
  • fingerprint-script.js is your JavaScript file name.

:::note This is an optional step. However, using this script increases the precision of the Fingerprint integration. The code is a modularized script, in order to avoid collateral damage in any other scripts that might be running in the same web page. :::

Getting the integration

To install Azion Fingerprint:

  1. Access Azion Console > Marketplace.
  2. On the Marketplace's homepage, select the integration's card.
  3. Once the integration's page opens, click the Get It Now button, at the bottom-right corner of the page.

A successful message appears to confirm your integration is installed.

:::tip You can search any integration by browsing through the cards or typing a keyword in the search bar. :::

Configuring the integration

Setting up an edge firewall

To do so, follow the steps:

  1. On the upper-left corner, select Products menu > Edge Firewall in the SECURE section.
  2. Click the Add Rule Set button.
  3. Give an easy-to-remember name to your edge firewall.
  4. Select the domains you want to protect with the function.
  5. Enable the Edge Functions switch in the Edge Firewall Modules section.
  6. Click the Save button.

Done. Now you've instantiated the edge firewall for your integration and it has access to edge functions.

Setting up the function

While still on the Edge Firewall page:

  1. Select the Functions tab.
  2. Click the Add Function button.
  3. Give an easy-to-remember name to your instance.
  4. On the dropdown menu, select the Fingerprint function.

This action will load the function, showing a form with the function code and, just above it, two tabs: Code and Args.

By clicking the Code tab, you'll be able to navigate through the source code but not to change it.

On the Args tab, you'll pass your variables. In this case, you must declare only the variables that you want the function to ignore, as an array of strings. It isn't a required action. If blank, the function will collect all the data.

{
  "fingerprint_ignore": []
}

To understand how to configure the integration, contact the Azion support team and request the solution documentation.

:::note Any variable as null or blank will still be a valid value. :::

  1. When you're done, click the Save button.

Setting up the Rules Engine

To finish, you have to set up a Rules Engine to configure the criteria and the behavior to run the function.

Still in the Edge Firewall page:

  1. Select the Rules Engine tab.
  2. Click the New Rule button.
  3. Give an easy-to-remember name to the rule.
    • You can add a description, but it's an optional step.
  4. Select a criteria to run and catch the domains that you want to run the integration on.
  5. Below, select a behavior to the criteria. In this case, it'll be Run Function.
  6. Select the adequate function according to the name you gave it in the instantiate step.
  7. Click the Save button.

Done. You now have you can collect session data by using Azion Fingerprint.

import ContributorList from '~/components/ContributorList.astro'

Contributors Contributor