Configure Schema Validation
Use the API Shield interface to configure API Schema Validation , which validates requests according to the API Schema you provide.
Before you can configure Schema Validation for an API, you must obtain an API Schema file matching our specifications .
Create an API Shield with Schema Validation
To configure Schema Validation in the Cloudflare dashboard:
-
Log in to the Cloudflare dashboard and select your account and application.
-
Click Security > API Shield.
-
In the API Shield card, click Deploy API Shield.
-
For the Shield properties, enter a descriptive name and set up an expression to trigger your shield.
For example, if your API is available at
http://api.example.com/v1, include a check for the Hostname field — equal toapi.example.com— and a check for the URI Path field using a regular expression — matching the regex^/v1. -
Click Next.
-
In the Schema Validation card, switch the toggle to On.
-
For Upload API Schema, upload your schema file.
-
Click Save to validate the content of the schema file and deploy the Schema Validation rule.
If you get a validation error, make sure you are using one of the supported file formats and that each endpoint and method pair has a unique Operation ID .
-
After deploying your API Shield rule, Cloudflare displays a summary of all API endpoints organized by their protection level and actions that will occur for non-compliant and unprotected requests.
-
In the Endpoint action dropdown, select an action for every request that targets a protected endpoint and fails Schema Validation.
-
In the Fallthrough action dropdown, select an action for every request that targets an unprotected endpoint.
-
Click Done.