Documentation

Akamai Setup

Last update: Fri Apr 19 2024 00:00:00 GMT+0000 (Coordinated Universal Time)

The following screenshots illustrate how to use the Akamai Property Manager to configure a property to deliver content. Essential settings are marked with a red circle.

Essential Property settings

Origin Server

Configuration properties:

Name
Value
Comment
Origin Server Hostname
main--<repo>--<organization>.hlx.live
Replace repo and organization with the values for your site.
Forward Host Header
Origin Hostname
Cache Key Hostname
Incoming Host Header

Add Behavior: Remove Vary Header

Configuration properties:

Name
Value
Comment
Remove Vary Header
On

Add Behavior: Modify Outgoing Request Header

Configuration properties:

Name
Value
Comment
Action
Modify
Custom Header Name
X-Forwarded-Host
New Header Value
{{builtin.AK_HOST}}
Avoid Duplicate Headers
Yes

Add more outgoing request headers:


Configuration properties:

Name
Value
Comment
Action
Modify
Custom Header Name
X-BYO-CDN-Type
New Header Value
akamai
Avoid Duplicate Headers
Yes

Configuration properties:

Name
Value
Comment
Action
Modify
Custom Header Name
X-Push-Invalidation
New Header Value
enabled
Avoid Duplicate Headers
Yes

Add/Modify Behavior: Caching

Configuration properties:

Name
Value
Comment
Caching Option
Honor origin Cache-Control
Enhanced RFC support
No
Honor private
No
Honor must-revalidate
No

Add Behavior: HTTP/2

(Optional, but recommended)

Add Rule: Modify Outgoing Response Header

Create a new rule

Set the criteria for the rule to be applied

Set the behavior if a match is found

These are all essential property settings for delivering content.

Caveats

Do not enable Akamai mPulse Real Usage Monitoring. While the performance impact on most sites is negligible, for sites built for consistent high performance, enabling it will prevent reaching a Lighthouse Score of 100. In AEM, you have a Real User Monitoring service built-in, so that dual instrumentation will be unnecessary and is strongly discouraged.

Also, do not enable Akamai Bot Manager or similar Web Application Firewall offerings, as they markedly interfere with rendering performance and user experience. Your site on AEM is protected against bot attacks on the backend, so that this performance cost comes with negligible benefit.

Setup push invalidation

Push invalidation automatically purges content on the customer’s production CDN (e.g. www.yourdomain.com), whenever an author publishes content changes.

Content is purged by url and by cache tag/key.

Push invalidation is enabled by adding specific properties to the project’s configuration (an Excel workbook named .helix/config.xlsx in Sharepoint or a Google Sheet named .helix/config in Google Drive).

Configuration properties:

key
value
comment
cdn.prod.host
<Production Host>
Host name of production site, e.g. www.yourdomain.com
cdn.prod.type
akamai
cdn.prod.endpoint
<host>
Fast Purge API credentials
cdn.prod.clientSecret
<client_secret>
Fast Purge API credentials
cdn.prod.clientToken
<client_token>
Fast Purge API credentials
cdn.prod.accessToken
<access_token>
Fast Purge API credentials

AEM push invalidation uses the Akamai Fast Purge API, specifically Delete by URL and Delete by cache tag.

The Fast Purge API credentials consist of

host = akaa-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.luna.akamaiapis.net
client_token = akab-XXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXX
client_secret = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
access_token = akab-XXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXX

They can be generated by following the instructions at Create an API client with custom permissions.

Go to Identity & Access Management:

Create API client:



Required group/role permissions:

You can validate the credentials with this tool.

recommendation-more-help
10a6ce9d-c5c5-48d9-8ce1-9797d2f0f3ec