====Secure====

The **Secure** option is used to [[pathsecurity|restrict access]] to only SSL/TLS (or //https//) traffic.

It's common to protect all API endpoints - particularly those that authorise access - with the requirement that they are secure.

Set the value to '1' to enable the rule.

===Example===

<code javascript>
{
   "paths": {
      "/api/": "sslrequired"
   },
   {
       "sslrequired": { 
            "type": "open",
            "secure": 1
        }
   }
</code>

//In the example above, all URLs inside the 'api' folder are openly available, but **must** be accessed via SSL. Reading with a normal **http** request will result in an 'Access Denied' message.//

===Advanced Example===

<code javascript>
{
   "paths": {
      "/api/": "sslrequired"
   },
   {
       "sslrequired": [[{ 
            "type": "open",
            "secure": 1
        }],[{
            "type": "open",
            "demote": "reader"
        }]]
   }
</code>

//This version allows you to call API functions via normal HTTP protocol, but it will not allow you to **write** data - the insecure user will automatically be demoted to a 'reader' and not be able to edit, delete or rename ARDI assets.//

===Alternate Methods===

Note that you can also simply disable access to ARDI on port 80 to force all connections to be secure.