Fastly · Capability

Fastly Client-Side Protection — Websites and Pages

Manage protected websites and pages in Fastly Client-Side Protection (CSP) for defending against Magecart and formjacking.

Fastly Client-Side Protection — Websites and Pages is a Naftiko capability published by Fastly, one of 73 capabilities the APIs.io network indexes for this provider. It bundles 7 operations across the GET, POST, PATCH, and DELETE methods rooted at /v1/client-side-protection/websites.

The capability includes 3 read-only operations and 4 state-changing operations. Lead operation: List Fastly CSP websites. Can be deployed as a REST endpoint, MCP tool, or Agent Skill via Naftiko.

Tagged areas include Fastly, Client-Side Protection, and Security.

Run with Naftiko FastlyClient-Side ProtectionSecurity

What You Can Do

GET
Listwebsites — List websites
/v1/client-side-protection/websites
POST
Createwebsite — Create website
/v1/client-side-protection/websites
GET
Getwebsite — Get website
/v1/client-side-protection/websites/{website-id}
PATCH
Updatewebsite — Update website
/v1/client-side-protection/websites/{website-id}
DELETE
Deletewebsite — Delete website
/v1/client-side-protection/websites/{website-id}
GET
Listpages — List pages
/v1/client-side-protection/websites/{website-id}/pages
POST
Createpage — Create page
/v1/client-side-protection/websites/{website-id}/pages

MCP Tools

list-csp-websites

List Fastly CSP websites

read-only idempotent
create-csp-website

Create a Fastly CSP website

get-csp-website

Get a Fastly CSP website

read-only idempotent
update-csp-website

Update a Fastly CSP website

idempotent
delete-csp-website

Delete a Fastly CSP website

idempotent
list-csp-pages

List Fastly CSP pages for a website

read-only idempotent
create-csp-page

Create a Fastly CSP page

Capability Spec

client-side-protection-websites.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: Fastly Client-Side Protection — Websites and Pages
  description: Manage protected websites and pages in Fastly Client-Side Protection (CSP) for defending against Magecart and formjacking.
  tags: [Fastly, Client-Side Protection, Security]
  created: '2026-05-22'
  modified: '2026-05-22'
binds:
- namespace: env
  keys: { FASTLY_API_KEY: FASTLY_API_KEY }
capability:
  consumes:
  - type: http
    namespace: client-side-protection-websites
    baseUri: https://api.fastly.com
    description: CSP websites and pages CRUD.
    resources:
    - name: websites
      path: /client-side-protection/websites
      operations:
      - { name: listwebsites, method: GET, description: List websites, outputRawFormat: json, outputParameters: [ { name: result, type: object, value: $. } ] }
      - { name: createwebsite, method: POST, description: Create website, outputRawFormat: json, outputParameters: [ { name: result, type: object, value: $. } ] }
    - name: website
      path: /client-side-protection/websites/{website_id}
      operations:
      - { name: getwebsite, method: GET, description: Get website, outputRawFormat: json, outputParameters: [ { name: result, type: object, value: $. } ] }
      - { name: updatewebsite, method: PATCH, description: Update website, outputRawFormat: json, outputParameters: [ { name: result, type: object, value: $. } ] }
      - { name: deletewebsite, method: DELETE, description: Delete website, outputRawFormat: json, outputParameters: [ { name: result, type: object, value: $. } ] }
    - name: pages
      path: /client-side-protection/websites/{website_id}/pages
      operations:
      - { name: listpages, method: GET, description: List pages, outputRawFormat: json, outputParameters: [ { name: result, type: object, value: $. } ] }
      - { name: createpage, method: POST, description: Create page, outputRawFormat: json, outputParameters: [ { name: result, type: object, value: $. } ] }
    authentication: { type: apikey, key: Fastly-Key, value: '{{env.FASTLY_API_KEY}}', placement: header }
  exposes:
  - type: rest
    namespace: client-side-protection-websites-rest
    port: 8080
    description: REST adapter.
    resources:
    - path: /v1/client-side-protection/websites
      name: websites
      description: CSP websites collection.
      operations:
      - { method: GET, name: listwebsites, description: List websites, call: client-side-protection-websites.listwebsites, outputParameters: [ { type: object, mapping: $. } ] }
      - { method: POST, name: createwebsite, description: Create website, call: client-side-protection-websites.createwebsite, outputParameters: [ { type: object, mapping: $. } ] }
    - path: /v1/client-side-protection/websites/{website-id}
      name: website
      description: Single CSP website.
      operations:
      - { method: GET, name: getwebsite, description: Get website, call: client-side-protection-websites.getwebsite, outputParameters: [ { type: object, mapping: $. } ] }
      - { method: PATCH, name: updatewebsite, description: Update website, call: client-side-protection-websites.updatewebsite, outputParameters: [ { type: object, mapping: $. } ] }
      - { method: DELETE, name: deletewebsite, description: Delete website, call: client-side-protection-websites.deletewebsite, outputParameters: [ { type: object, mapping: $. } ] }
    - path: /v1/client-side-protection/websites/{website-id}/pages
      name: pages
      description: CSP pages collection.
      operations:
      - { method: GET, name: listpages, description: List pages, call: client-side-protection-websites.listpages, outputParameters: [ { type: object, mapping: $. } ] }
      - { method: POST, name: createpage, description: Create page, call: client-side-protection-websites.createpage, outputParameters: [ { type: object, mapping: $. } ] }
  - type: mcp
    namespace: client-side-protection-websites-mcp
    port: 9090
    transport: http
    description: MCP adapter.
    tools:
    - { name: list-csp-websites, description: List Fastly CSP websites, hints: { readOnly: true, destructive: false, idempotent: true }, call: client-side-protection-websites.listwebsites, outputParameters: [ { type: object, mapping: $. } ] }
    - { name: create-csp-website, description: Create a Fastly CSP website, hints: { readOnly: false, destructive: false, idempotent: false }, call: client-side-protection-websites.createwebsite, outputParameters: [ { type: object, mapping: $. } ] }
    - { name: get-csp-website, description: Get a Fastly CSP website, hints: { readOnly: true, destructive: false, idempotent: true }, call: client-side-protection-websites.getwebsite, outputParameters: [ { type: object, mapping: $. } ] }
    - { name: update-csp-website, description: Update a Fastly CSP website, hints: { readOnly: false, destructive: false, idempotent: true }, call: client-side-protection-websites.updatewebsite, outputParameters: [ { type: object, mapping: $. } ] }
    - { name: delete-csp-website, description: Delete a Fastly CSP website, hints: { readOnly: false, destructive: true, idempotent: true }, call: client-side-protection-websites.deletewebsite, outputParameters: [ { type: object, mapping: $. } ] }
    - { name: list-csp-pages, description: List Fastly CSP pages for a website, hints: { readOnly: true, destructive: false, idempotent: true }, call: client-side-protection-websites.listpages, outputParameters: [ { type: object, mapping: $. } ] }
    - { name: create-csp-page, description: Create a Fastly CSP page, hints: { readOnly: false, destructive: false, idempotent: false }, call: client-side-protection-websites.createpage, outputParameters: [ { type: object, mapping: $. } ] }