Skip to main content
PATCH
/
shield
/
shield-zone
/
{shieldZoneId}
/
api-guardian
/
endpoint
/
{endpointId}
Update your API Guardian Endpoint configuration
curl --request PATCH \
  --url https://api.bunny.net/shield/shield-zone/{shieldZoneId}/api-guardian/endpoint/{endpointId} \
  --header 'Content-Type: application/json' \
  --data '
{
  "isEnabled": true,
  "validateRequestBodySchema": true,
  "validateResponseBodySchema": true,
  "validateAuthorization": true,
  "injectionDetectionParameters": {
    "Path": [
      "<string>"
    ],
    "Query": [
      "<string>"
    ],
    "Header": [
      "<string>"
    ],
    "Cookie": [
      "<string>"
    ]
  },
  "detectParameterXss": true,
  "detectParameterSqli": true,
  "rateLimitingEnabled": true,
  "rateLimitingRequestCount": 123
}
'
{
  "error": {
    "success": true,
    "message": "<string>",
    "errorKey": "<string>"
  },
  "data": {
    "apiGuardianEndpointId": 123,
    "shieldZoneId": 123,
    "requestMethod": "<string>",
    "requestPath": "<string>",
    "validateRequestBodySchema": true,
    "validateResponseBodySchema": true,
    "validateAuthorization": true,
    "isEnabled": true,
    "authSchemes": [
      {
        "schemeName": "<string>",
        "credentialName": "<string>",
        "httpScheme": "<string>"
      }
    ],
    "requestBodySchemaYaml": "<string>",
    "responseBodySchemasYaml": {},
    "availableParameters": {
      "Path": [
        "<string>"
      ],
      "Query": [
        "<string>"
      ],
      "Header": [
        "<string>"
      ],
      "Cookie": [
        "<string>"
      ]
    },
    "injectionDetectionParameters": {
      "Path": [
        "<string>"
      ],
      "Query": [
        "<string>"
      ],
      "Header": [
        "<string>"
      ],
      "Cookie": [
        "<string>"
      ]
    },
    "detectParameterXss": true,
    "detectParameterSqli": true,
    "rateLimitingEnabled": true,
    "rateLimitingRequestCount": 123,
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z"
  }
}

Path Parameters

shieldZoneId
integer<int32>
required
endpointId
integer<int64>
required

Body

Patch request for updating an individual API Guardian endpoint. All fields are optional — only provided fields are applied.

isEnabled
boolean | null

Enable or disable this endpoint. Disabled endpoints are not enforced.

validateRequestBodySchema
boolean | null

Enable or disable request body schema validation. Only effective if the endpoint's OAS operation defines a request body schema.

validateResponseBodySchema
boolean | null

Enable or disable response body schema validation. Only effective if the endpoint's OAS operation defines response schemas.

validateAuthorization
boolean | null

Enable or disable enforcement of authentication requirements as defined in the OAS security schemes.

injectionDetectionParameters
object | null

Parameters to run injection detection on, grouped by location (path, query, header, cookie). Must be a subset of the endpoint's available parameters.

detectParameterXss
boolean | null

Enable XSS detection on the selected injection detection parameters.

detectParameterSqli
boolean | null

Enable SQL injection detection on the selected injection detection parameters.

rateLimitingEnabled
boolean | null

Enable or disable per-endpoint rate limiting.

rateLimitingType
enum<string>
Available options:
Global,
IP
rateLimitingRequestCount
integer<int32> | null

Maximum number of requests allowed within the timeframe before blocking. Must be greater than zero.

rateLimitingTimeframe
enum<integer>

1 = PerSecond 10 = PerTenSeconds 60 = PerOneMinute 300 = PerFiveMinutes 900 = PerFifteenMinutes 3600 = PerOneHour

Available options:
1,
10,
60,
300,
900,
3600

Response

OK

Response for the PATCH /endpoint/{endpointId} endpoint.

error
object

Generic response object containing status information for API operations.

data
object

Detailed view of a single API Guardian endpoint, including its validation settings, authentication requirements, and rate limiting configuration.