diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000..5f01d83 Binary files /dev/null and b/.DS_Store differ diff --git a/docs/__pycache__/custom_roles.cpython-311.pyc b/docs/__pycache__/custom_roles.cpython-311.pyc new file mode 100644 index 0000000..c840a71 Binary files /dev/null and b/docs/__pycache__/custom_roles.cpython-311.pyc differ diff --git a/docs/class1/class1.rst b/docs/class1/class1.rst index 80fa68e..80a0a21 100755 --- a/docs/class1/class1.rst +++ b/docs/class1/class1.rst @@ -63,7 +63,7 @@ During this class we will: var email = emailInput.value; localStorage.setItem('email', email); - fetch(`https://f5xclabmgmt.vltr.nginx-experience.com/v1/student/${btoa(email)}`, { + fetch(`https://f5xclabmgmt.vltr.nginx-experience.com/v1/student/f5xcemeaworkshop/${btoa(email)}`, { method: 'GET', headers: { 'Content-Type': 'application/json' diff --git a/docs/class1/modulea2/modulea2.rst b/docs/class1/modulea2/modulea2.rst index 520a154..35eca04 100644 --- a/docs/class1/modulea2/modulea2.rst +++ b/docs/class1/modulea2/modulea2.rst @@ -30,7 +30,7 @@ var email = emailInput.value; localStorage.setItem('email', email); - fetch(`https://f5xclabmgmt.vltr.nginx-experience.com/v1/student/${btoa(email)}`, { + fetch(`https://f5xclabmgmt.vltr.nginx-experience.com/v1/student/f5xcemeaworkshop/${btoa(email)}`, { method: 'GET', headers: { 'Content-Type': 'application/json' diff --git a/docs/class2/class2.rst b/docs/class2/class2.rst index bec2c2c..7993454 100644 --- a/docs/class2/class2.rst +++ b/docs/class2/class2.rst @@ -69,7 +69,7 @@ During this class we will: var email = emailInput.value; localStorage.setItem('email', email); - fetch(`https://f5xclabmgmt.vltr.nginx-experience.com/v1/student/${btoa(email)}`, { + fetch(`https://f5xclabmgmt.vltr.nginx-experience.com/v1/student/f5xcemeaworkshop/${btoa(email)}`, { method: 'GET', headers: { 'Content-Type': 'application/json' diff --git a/docs/class3/class3.rst b/docs/class3/class3.rst index 0bb29a2..8005b02 100644 
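Review bot: The changed `fetch` line in docs/class1/class1.rst interpolates `btoa(email)` straight into the URL path, and standard base64 output can contain `/` (as well as `+` and `=`) for some inputs. With the new `f5xcemeaworkshop/` segment in front of it, a `/` in the encoded value would split the student id into an extra path segment and the lookup would hit a different route. Writing it as `${encodeURIComponent(btoa(email))}` keeps the value in one segment. `btoa` also throws on characters outside Latin-1, so the free-text input should be validated before the call. The same line is repeated in the hunks for docs/class1/modulea2/modulea2.rst, docs/class2/class2.rst and docs/class3/class3.rst, and the enclosing script starts and ends outside each hunk.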
--- a/docs/class3/class3.rst +++ b/docs/class3/class3.rst @@ -55,7 +55,7 @@ During this class we will: var email = emailInput.value; localStorage.setItem('email', email); - fetch(`https://f5xclabmgmt.vltr.nginx-experience.com/v1/student/${btoa(email)}`, { + fetch(`https://f5xclabmgmt.vltr.nginx-experience.com/v1/student/f5xcemeaworkshop/${btoa(email)}`, { method: 'GET', headers: { 'Content-Type': 'application/json' diff --git a/docs/class4/class4.rst b/docs/class4/class4.rst new file mode 100644 index 0000000..ea5ff3f --- /dev/null +++ b/docs/class4/class4.rst @@ -0,0 +1,28 @@ +Class 4 - API Protection +######################## + +Lab Maintainers: + + Matthieu Dierick + + Sorin Boiangiu + +| + +Welcome to the F5 Distributed Cloud - API Protection lab + +Distributed Cloud API Security provides discovery and deep insights from use of AI/ML. Identify shadow APIs and block API attacks in real time and eliminate vulnerabilities at their source. The SaaS-based portal enables users to manage and go deep for threat analytics, forensics, and troubleshooting of API communications for modern applications. + +APIs change frequently: + +* Easily identify all API endpoints mapped to your applications and monitor anomalous activities or shadow APIs including blocking of suspicious requests and endpoints. +* Generate API schema and Swagger files to minimize manual tracking of API endpoints. +* Reduce time spent configuring and deploying API security policies. + + + +.. toctree:: + :maxdepth: 2 + :glob: + + module*/module* diff --git a/docs/class4/module1/lab1/lab1.rst b/docs/class4/module1/lab1/lab1.rst new file mode 100644 index 0000000..290e238 --- /dev/null +++ b/docs/class4/module1/lab1/lab1.rst 
@@ -0,0 +1,105 @@
+Expose the modern API application on F5XC
+=========================================
+
+In this lab, we will use a modern application based on API first.
+You can find more details about this app, on Github : https://github.com/f5devcentral/sentence-demo-app
+
+In a nutshell, this application is composed of multiple technology frameworks.
+
+This app will generate a sentence :)
+
+.. image:: ../pictures/sentence-demo-app.png
+ :align: center
+
+App Documentation
+-----------------
+
+Every ``WORD`` pod delivers a list of ``WORDS``. Then, the ``GENERATOR`` select one ``WORD`` per POD, and generates a ``SENTENCE`` in a JSON format
+
+.. image:: ../pictures/topology.png
+ :align: center
+
+.. code-block:: JSON
+
+ {
+ "adjectives": "proud",
+ "animals": "lion",
+ "colors": "blue",
+ "locations": "park"
+ }
+
+
+Then, the frontend web application will ``display`` all the ``words`` in a ``sentence``. If one micro-service is not deployed, the word is not displayed.
+
+In term of micro-services, this is how there are used by the Webapp frontend.
+
+.. image:: ../pictures/webapp-containers.png
+ :align: center
+
+
+Expose the application on your F5 Distributed Cloud Namespace
+-------------------------------------------------------------
+
+For this lab, we will use the following configuration
+
+1. Create the Origin Pool targeting Sentence public app
+
+a) Web App & API Protection -> Load Balancers -> Origin Pool -> Add Origin Pool -> Fill the bellow data
+
+ .. table::
+ :widths: auto
+
+ ============================== ========================================================================================
+ Object Value
+ ============================== ========================================================================================
+ **Name** sentence-public-endpoint
+
+ **Port** 80
+
+ **TLS** Disable
+ ============================== ========================================================================================
+
+b) In the same screen -> Origin Servers -> Add Item -> Fill the bellow data -> Apply -> Save and exit
+
+ .. table::
+ :widths: auto
+
+ ==================== ========================================================================================
+ Object Value
+ ==================== ========================================================================================
+ **DNS name** sentence.emea.f5se.com
+ ==================== ========================================================================================
+
+ .. raw:: html
+
+
+
+1. Create the HTTP LB
+
+a) Web App & API Protection -> Load Balancers -> HTTP Load Balancer -> Add HTTP Load Balancer -> Fill the bellow data -> Save and exit
+
+ .. table::
+ :widths: auto
+
+ ==================================== =================================================================================================
+ Object Value
+ ==================================== =================================================================================================
+ **Name** sentence-re-lb
+
+ **Domains** sentence-re-$$makeId$$.workshop.emea.f5se.com
+
+ **Load Balancer Type** HTTP
+
+ **Automatically Manage DNS Records** Enable
+
+ **Origin Pools** Click **Add Item**, for the **Origin Pool** select $$namespace$$/sentence-public-endpoint -> Apply
+ ==================================== =================================================================================================
+
+ .. raw:: html
+
+
+
+3. So far, Sentence application is not protected but exposed all over the world on all F5XC RE.
+Check your Sentence application is exposed and reachable from the F5XC Global Network by browsing to :ext_link:`http://sentence-re-$$makeId$$.workshop.emea.f5se.com`
+
+.. warning:: Some Service Providers have a very long recursive cache. It can take several minutes to get a DNS response. You can change your DNS server to 1.1.1.1 or 8.8.8.8 to fix that.
\ No newline at end of file
diff --git a/docs/class4/module1/lab2/lab2.rst b/docs/class4/module1/lab2/lab2.rst
new file mode 100644
index 0000000..1a859b6
--- /dev/null
+++ b/docs/class4/module1/lab2/lab2.rst
@@ -0,0 +1,21 @@
+Protect the modern API application with F5XC - static protection
+================================================================
+
+Assign OpenAPI spec file to the LB
+----------------------------------
+
+Upload file
+^^^^^^^^^^^
+
+Create API Def
+^^^^^^^^^^^^^^
+
+Assign API def to LB
+^^^^^^^^^^^^^^^^^^^^
+
+Apply API Protection rules
+--------------------------
+
+Create the default API Protection rule
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
diff --git a/docs/class4/module1/lab3/lab3.rst b/docs/class4/module1/lab3/lab3.rst
new file mode 100644
index 0000000..92daca9
--- /dev/null
+++ b/docs/class4/module1/lab3/lab3.rst
@@ -0,0 +1,3 @@
+Test your modern API application protection
+===========================================
+
diff --git a/docs/class4/module1/module1.rst b/docs/class4/module1/module1.rst
new file mode 100644
index 0000000..122d2e5
--- /dev/null
+++ b/docs/class4/module1/module1.rst
@@ -0,0 +1,14 @@
+Static API Protection
+#####################
+
+In this section, we will protect a modern API application with F5 Distributed Cloud. We will start by a **static** protection where SecOps apply the OpenAPI file to the protected application.
+
+
+
+**Module 1 - All sections**
+
+.. toctree::
+ :maxdepth: 1
+ :glob:
+
+ lab*/lab*
\ No newline at end of file
diff --git a/docs/class4/module1/pictures/sentence-demo-app.png b/docs/class4/module1/pictures/sentence-demo-app.png
new file mode 100644
index 0000000..00df749
Binary files /dev/null and b/docs/class4/module1/pictures/sentence-demo-app.png differ
diff --git a/docs/class4/module1/pictures/topology.png b/docs/class4/module1/pictures/topology.png
new file mode 100644
index 0000000..16d60b3
Binary files /dev/null and b/docs/class4/module1/pictures/topology.png differ
diff --git a/docs/class4/module1/pictures/webapp-containers.png b/docs/class4/module1/pictures/webapp-containers.png
new file mode 100644
index 0000000..adb5d19
Binary files /dev/null and b/docs/class4/module1/pictures/webapp-containers.png differ
diff --git a/docs/class4/module2/lab1/lab1.rst b/docs/class4/module2/lab1/lab1.rst
new file mode 100644
index 0000000..126a8fe
--- /dev/null
+++ b/docs/class4/module2/lab1/lab1.rst
@@ -0,0 +1,10 @@
+Enable API discovery
+====================
+
+Enable Endpoint Discovery
+-------------------------
+
+
+Enable PII Discovery
+--------------------
+
diff --git a/docs/class4/module2/lab2/lab2.rst b/docs/class4/module2/lab2/lab2.rst
new file mode 100644
index 0000000..95e141c
--- /dev/null
+++ b/docs/class4/module2/lab2/lab2.rst
@@ -0,0 +1,18 @@
+API Discovery outcomes
+======================
+
+Endpoint Discovery
+------------------
+
+
+PII Discovery
+-------------
+
+
+
+Authentication Discovery
+------------------------
+
+
+AI/ML Security Posture
+----------------------
\ No newline at end of file
diff --git a/docs/class4/module2/module2.rst b/docs/class4/module2/module2.rst
new file mode 100644
index 0000000..2bc3786
--- /dev/null
+++ b/docs/class4/module2/module2.rst
@@ -0,0 +1,13 @@
+Dynamic API Protection
+######################
+
+In this section, we will protect the same modern application with F5 Distributed Cloud, but we will enable the **dynamic** protection where SecOps apply the API Discovery and validation.
+
+
+**Module 2 - All sections**
+
+.. toctree::
+ :maxdepth: 1
+ :glob:
+
+ lab*/lab*
\ No newline at end of file