---
title: Next-Gen WAF
summary: null
url: https://www.fastly.com/documentation/reference/api/ngwaf
---

The Fastly Next-Gen WAF APIs allow you to manage workspaces, requests, events, redactions, tags, and rules. The Fastly Next-Gen WAF API is only available to customers with access to the Next-Gen WAF product in the [Fastly control panel](https://manage.fastly.com/). If you have access to the [Next-Gen WAF control panel](https://dashboard.signalsciences.net/), check out the [Next-Gen WAF API](https://docs.fastly.com/signalsciences/api/).

- [Agent Keys](https://www.fastly.com/documentation/reference/api/ngwaf/agent-keys/) - Agent keys endpoints provide functionality for listing agent configuration keys associated with a workspace.
- [Agents](https://www.fastly.com/documentation/reference/api/ngwaf/agents/) - Agents allows you to list and retrieve Next-Gen WAF agents deployed in a workspace.
- [Custom dashboards](https://www.fastly.com/documentation/reference/api/ngwaf/custom-dashboards/) - Custom dashboards allow you to build tailored visualizations of Next-Gen WAF security data and configure which dashboard displays by default when accessing a workspace.
- [Custom Signals](https://www.fastly.com/documentation/reference/api/ngwaf/signals/) - Custom signals endpoints provide functionality for adding, editing, and deleting custom signals.
- [Events](https://www.fastly.com/documentation/reference/api/ngwaf/events/) - Events are actions that the Next-Gen WAF takes as the result of regular threshold-based blocking, templated rules, and site alerts.
- [Header links](https://www.fastly.com/documentation/reference/api/ngwaf/header-links/) - Header links allow you to create clickable links in the Next-Gen WAF interface based on request or response header values.
- [Lists](https://www.fastly.com/documentation/reference/api/ngwaf/lists/) - Lists allow you to manage lists at the account level and workspace level for use with Next-Gen WAF rules.
- [Rate limited sources](https://www.fastly.com/documentation/reference/api/ngwaf/rate-limited-sources/) - Rate limited sources allow you to view and manage IP addresses and other sources that have been temporarily rate limited by the Next-Gen WAF.
- [Redactions](https://www.fastly.com/documentation/reference/api/ngwaf/redactions/) - Next-Gen WAF automatically redacts known patterns of sensitive information. In addition to automatic redactions, the redactions API allows you to specify additional fields to redact from requests.
- [Reports](https://www.fastly.com/documentation/reference/api/ngwaf/reports/) - Reports endpoints provide functionality to access account reports on attacks and signals.
- [Requests](https://www.fastly.com/documentation/reference/api/ngwaf/requests/) - Requests lists individual requests that have been tagged with signals.
- [Rules](https://www.fastly.com/documentation/reference/api/ngwaf/rules/) - Rules allow you to allow, block, rate limit, or tag requests for an arbitrary set of conditions.
- [Simulate](https://www.fastly.com/documentation/reference/api/ngwaf/simulate/) - Simulate HTTP requests through a workspace's WAF configuration without sending actual traffic. This allows testing and validating WAF rule behavior in a safe, non-production context.
- [Thresholds](https://www.fastly.com/documentation/reference/api/ngwaf/thresholds/) - Manage workspace thresholds.
- [Time series](https://www.fastly.com/documentation/reference/api/ngwaf/timeseries/) - Time series returns data for the number of signals (e.g., XSS, SQLi, 404s) observed per minute.
- [Virtual patches](https://www.fastly.com/documentation/reference/api/ngwaf/virtual-patches/) - Virtual patching rules block or log requests matching specific vulnerabilities.
- [Workspace alerts](https://www.fastly.com/documentation/reference/api/ngwaf/workspace-alerts/) - Workspace alerts endpoints provide functionality for adding, editing, and deleting alerts.
- [Workspaces](https://www.fastly.com/documentation/reference/api/ngwaf/workspaces/) - Workspaces allows you to add, edit, and delete workspaces in your account.