Skip to main content
APIContext
Talk to salesStart free
Start HereGuidesConceptsCLIReferenceChangelog

Network Conformance Checks

Network conformance checks extend your monitors to verify not just whether an API responds correctly, but whether the underlying network and certificate infrastructure meets your requirements.

TLS certificate expiry monitoring

APIContext can alert you before your API's TLS certificate expires — giving you time to renew before users are affected.

Configure expiry alerts

  1. Open a monitor and go to Network Conformance settings.
  2. Under TLS Certificate, enable expiry monitoring.
  3. Set alert thresholds:
ThresholdWhen to alert
30-day warningCertificate expires within 30 days
7-day warningCertificate expires within 7 days
1-day criticalCertificate expires within 24 hours

You can enable one or more thresholds. Each triggers an alert through your configured notification channels.

CDN allowlist verification

If your API is served through a CDN, you can verify that requests are being routed through your expected CDN network and not bypassing it.

APIContext supports allowlist verification for ~24 CDN providers, including:

  • Akamai
  • Amazon CloudFront
  • Azure CDN
  • Cloudflare
  • Fastly
  • Google Cloud CDN
  • Imperva / Incapsula
  • Verizon / Edgecast
  • And more — see your project's conformance settings for the full list.

Configure a CDN allowlist check

  1. In the monitor's Network Conformance settings, select CDN Allowlist.
  2. Choose the expected CDN provider(s).
  3. APIContext verifies that the X-Cache, X-CDN, or server header matches the expected CDN signature.

Geo-fencing and data sovereignty checks

Data sovereignty requirements may require that API traffic stays within specific geographic boundaries. APIContext can verify that:

  • Requests are served from nodes in an approved region
  • Responses do not contain IP addresses or headers indicating routing through restricted jurisdictions

Configure geo-fencing

  1. In Network Conformance, enable Geo-fencing.
  2. Select the approved regions (e.g., EU only, US only).
  3. APIContext runs monitors from nodes in the approved regions and fails if a response indicates routing outside them.

See also