Security Console & API
As part of our ongoing commitment to security and meet compliance standards, we are implementing a change to implement stricter access control enforcement across our platform. This change enhances customer data protection and aligns our platform with industry best practices.
All customer accounts are anticipated to be impacted by this change and outlined below it is described how this change applies to your services and what actions you should take in order to avoid an undesired customer experience.
Fastly will be performing maintenance on our Security Console & API platform on the 10th of June 2025 from 15:00 to 16:00 UTC (~60 minute duration).
What’s Changing?
We are updating the GET https://api.fastly.com/user/{user ID}/ API endpoint in manage.fastly.com to implement more rigorous enforcement of permission checks. Specifically, users' data access will be further restricted based on role privileges (e.g. only superusers can retrieve information about other superusers).
What’s next? What do I have to do?
Integrations or automations that currently utilize the API endpoint, GET https://api.fastly.com/user/{user ID}/, in manage.fastly.com may be affected if they assume broader access than permitted by their role.
We request that customers review their current API usage by the 9th of June 2025 to ensure that only users with the required roles are utilizing this endpoint. Performing this review will prevent requests from users without the appropriate permissions from receiving an error 403 authorization message.
Contact Information
Customers with any questions or concerns may engage with our Support team through https://support.fastly.com or by contacting your designated account management team members.
Fastly will be performing maintenance on our platform system on the 6th of May 2025 from 00:00 to 01:00 UTC (~60m duration).
What’s Changing?
We're making improvements to make the Fastly platform even more resilient, secure, and reliable.
- We are introducing general security updates to our authentication infrastructure
- We are improving system availability so that future maintenance of the Authentication Platform can be performed without impacting availability.
What’s next? What do I have to do?
Nothing. All actions taken during this planned maintenance belong to Fastly. During this time, customers may experience:
- Temporary inability to log in to the Fastly App (manage.fastly.com)
- Temporary inability to log in to the Signal Science (SigSci) console (dashboard.signalsciences.net)
- Possible navigation issues in the apps due to token refresh interruptions.
Customers with any questions or concerns may engage with our Support team through https://support.fastly.com or by contacting your designated account management team members.
The scheduled maintenance has been completed.
To offer feedback on our status page, click
"
Give Feedback
"
We're investigating possible performance impact affecting the Dashboard Data, Rule and IP List updates services.
All other locations and services are unaffected.
Our engineers have identified the contributing factor and are developing a fix to our Dashboard Data, Rule and IP List updates service.
All other locations and services are unaffected.
Engineering has confirmed the impact to Dashboard Data, Rule and IP List updates service has been mitigated.
Engineering has confirmed that Dashboard Data, Rule and IP List updates service has been fully restored. Customers may have experienced less data in the UI and updates to new rules/lists would be based on less data from 14:27 to 15:38 UTC.
This incident is resolved.
To offer feedback on our status page, click "Give Feedback"
Status Post, Created Date/Time: 2025-04-29 15:33:44 UTC
Note: Our Customer Escalation Management team will update the start date and time of the initial "investigating" status post upon the resolution of this incident. This update is meant to provide our customers and their end users with a potential impact window. The date and time mentioned in the message above indicates when the status post was requested by our Acute Incident Response team.
What’s Changing?
Fastly will be conducting planned maintenance on both the Fastly Control Panel (https://manage.fastly.com/) and the Signal Science (SigSci) console (https://dashboard.signalsciences.net/) as a part of our ongoing effort to enhance customer account security and ensure we are following security best practices on our platform.
We will permanently reduce the account session timeout during this maintenance. Instead of three hours, sessions will now expire after 30 minutes of inactivity.
These changes will take effect immediately on the 15th of April 2025 at 14:00 UTC.
For security purposes, all active user sessions will be terminated after 30 minutes of inactivity, and users will be directed to the login page. This change applies to all Fastly account types and roles, and any unsaved activity may be lost after the 30-minute idle period.
You can learn more about session timeouts in our Managing users documentation.
This maintenance will have no impact on our ability to deliver Network or Security services to our customers.
What’s next? What do I have to do?
Nothing. All actions taken during this planned maintenance belong to Fastly and there are no anticipated actions for our customers.
Customers with any questions or concerns may engage with our Support team through https://support.fastly.com or by contacting your designated account management team members.
The scheduled maintenance has been completed.
To offer feedback on our status page, click "Give Feedback"
We're investigating possible performance impact affecting the Security Console & API data center.
New customers may experience an error when attempting to log into their NGWAF control panel.
Our engineers have confirmed that API services, dashboard data and our ability to deliver Network and Security services is not affected by this incident.
Note: Retrospectively, our Escalation Management team has updated the start date/time to reflect the earliest sign of onset for the errors reported within this status post. Affected customers would have experienced impact at varying degrees and possibly to a shorter duration than as set forth in this status post.
Our engineers have identified the contributing factor and are applying a fix to our Security Console & API log on services.
Engineering has confirmed that access to the Security Console & API has been fully restored. New NGWAF customers, or customer who recently reset their passwords, may have experienced an error message when attempting to log into their NGWAF control panel.
Errors may have been experienced from the 19th of March 2025 at 15:10 UTC to the 20th of March at 11:26 UTC.
This incident is resolved.
Affected customers may have experienced impact to varying degrees and to a shorter duration than as set forth above.
To offer feedback on our status page, click "Give Feedback"
Note: Our Customer Escalation Management team will update the start date and time of the initial "investigating" status post upon the resolution of this incident. This update is meant to provide our customers and their end users with a potential impact window. The date and time mentioned in the message above indicates when the status post was requested by our Acute Incident Response team.
Status Post, Created Date/Time: 2025-03-20 10:26:40 UTC
We are investigating elevated errors to our Dashboard Data service.
All other products and services are unaffected by this incident.
Our engineers have identified the contributing factor and are applying a fix to our Dashboard Data service.
All other locations and services are unaffected.
Engineering has confirmed the impact to our Dashboard Data service has been mitigated.
Engineering has deployed a fix and have confirmed a gradual recovery to our Dashboard Data service. We will continue to monitor until we’ve confirmed that the customer experience has been fully restored.
All other services were unaffected by this incident.
Engineering has confirmed that our Dashboard Data service has been fully restored. Customers may have experienced missing agent metrics and graph data that appeared blank or failed to load from 13:52 to 17:51 UTC.
This incident is resolved.
To offer feedback on our status page, click "Give Feedback"
Status Post, Created Date/Time: 2025-02-11 01:20:26 UTC
Note: Our Customer Escalation Management team will update the start date and time of the initial "investigating" status post upon the resolution of this incident. This update is meant to provide our customers and their end users with a potential impact window. The date and time mentioned in the message above indicates when the status post was requested by our Acute Incident Response team.
We are investigating elevated errors to our configuration features within our Security Console & API services.
All other products and services are unaffected by this incident.
Our engineers have identified the contributing factor and are applying a fix to our Security Console & API.
All other locations and services are unaffected.
Engineering has confirmed the impact to our Security Console & API services has been mitigated.
Engineering has confirmed that configuration features within our Security Console & API services has been fully restored. Customers may have experienced 404 errors when enabling, disabling, or configuring security protection features from the 3rd of December 2024 at 17:00 to the 4th of December 2024 at 16:19 UTC.
This incident is resolved.
Affected customers may have experienced impact to varying degrees and to a shorter duration than as set forth above.
To offer feedback on our status page, click "Give Feedback"
Status Post, Created Date/Time: 2024-12-04 16:38:03 UTC
Note: Our Customer Escalation Management team will update the start date and time of the initial "investigating" status post upon the resolution of this incident. This update is meant to provide our customers and their end users with a potential impact window. The date and time mentioned in the message above indicates when the status post was requested by our Acute Incident Response team.
Fastly Engineers detected a performance impacting event affecting the Security Console & API service.
All other data centers and services were unaffected. The issue has been resolved and we are monitoring performance closely.
Fastly Engineers detected a performance impacting event affecting our Next-Gen WAF (NGWAF) Dashboard.
All other data centers and services were unaffected. The issue has been resolved and we are monitoring performance closely.
We are investigating elevated errors to our Next-Gen WAF (NGWAF) Dashboard.
All other products and services are unaffected by this incident.
Our engineers have identified the contributing factor and are applying a fix to our Next-Gen WAF (NGWAF) Dashboard.
All other locations and services are unaffected.
Engineering has confirmed the impact to our Next-Gen WAF (NGWAF) Dashboard has been mitigated.
Engineering has confirmed that our Next-Gen WAF (NGWAF) Dashboard has been fully restored. Customers may have experienced agents showing as offline and received alerts that agents are offline from 18:00 on October 29, 2024 to 21:35 on October 30, 2024 UTC.
This incident is resolved.
To offer feedback on our status page, click "Give Feedback"
Status Post, Created Date/Time: 2024-10-30 20:58:52 UTC
Note: Our Customer Escalation Management team will update the start date and time of the initial "investigating" status post upon the resolution of this incident. This update is meant to provide our customers and their end users with a potential impact window. The date and time mentioned in the message above indicates when the status post was requested by our Acute Incident Response team.