AM-Set-CORS true sa-protect-from-ddos impose-quota verify-oauth-v2-access-token remove-header-authorization AM-Set-CORS SC-History-JSON request.header.accept = "application/json" SC-History-XML request.header.accept = "application/xml" (proxy.pathsuffix MatchesPath "/history") and (request.verb = "GET") /v1/apps/myapp true true secure