Skip to main content
PATCH
/
shield
/
shield-zone
/
{shieldZoneId}
/
api-guardian
/
endpoint
/
{endpointId}
Update your API Guardian Endpoint configuration
curl --request PATCH \
  --url https://api.bunny.net/shield/shield-zone/{shieldZoneId}/api-guardian/endpoint/{endpointId} \
  --header 'Content-Type: application/json' \
  --data '
{
  "isEnabled": true,
  "validateRequestBodySchema": true,
  "validateResponseBodySchema": true,
  "validateAuthorization": true,
  "injectionDetectionParameters": {
    "Path": [
      "<string>"
    ],
    "Query": [
      "<string>"
    ],
    "Header": [
      "<string>"
    ],
    "Cookie": [
      "<string>"
    ]
  },
  "detectParameterXss": true,
  "detectParameterSqli": true,
  "rateLimitingEnabled": true,
  "rateLimitingType": 0,
  "rateLimitingRequestCount": 123,
  "rateLimitingTimeframe": 1
}
'
{
  "error": {
    "statusCode": 100,
    "success": true,
    "message": "<string>",
    "errorKey": "<string>"
  },
  "data": {
    "apiGuardianEndpointId": 123,
    "shieldZoneId": 123,
    "requestMethod": "<string>",
    "requestPath": "<string>",
    "validateRequestBodySchema": true,
    "validateResponseBodySchema": true,
    "validateAuthorization": true,
    "isEnabled": true,
    "authSchemes": [
      {
        "schemeName": "<string>",
        "schemeType": 0,
        "location": 0,
        "credentialName": "<string>",
        "httpScheme": "<string>"
      }
    ],
    "requestBodySchemaYaml": "<string>",
    "responseBodySchemasYaml": {},
    "availableParameters": {
      "Path": [
        "<string>"
      ],
      "Query": [
        "<string>"
      ],
      "Header": [
        "<string>"
      ],
      "Cookie": [
        "<string>"
      ]
    },
    "injectionDetectionParameters": {
      "Path": [
        "<string>"
      ],
      "Query": [
        "<string>"
      ],
      "Header": [
        "<string>"
      ],
      "Cookie": [
        "<string>"
      ]
    },
    "detectParameterXss": true,
    "detectParameterSqli": true,
    "rateLimitingEnabled": true,
    "rateLimitingType": 0,
    "rateLimitingRequestCount": 123,
    "rateLimitingTimeframe": 1,
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z"
  }
}

Documentation Index

Fetch the complete documentation index at: https://docs.bunny.net/llms.txt

Use this file to discover all available pages before exploring further.

Path Parameters

shieldZoneId
integer<int32>
required
endpointId
integer<int64>
required

Body

Patch request for updating an individual API Guardian endpoint. All fields are optional — only provided fields are applied.

isEnabled
boolean | null

Enable or disable this endpoint. Disabled endpoints are not enforced.

validateRequestBodySchema
boolean | null

Enable or disable request body schema validation. Only effective if the endpoint's OAS operation defines a request body schema.

validateResponseBodySchema
boolean | null

Enable or disable response body schema validation. Only effective if the endpoint's OAS operation defines response schemas.

validateAuthorization
boolean | null

Enable or disable enforcement of authentication requirements as defined in the OAS security schemes.

injectionDetectionParameters
object

Parameters to run injection detection on, grouped by location (path, query, header, cookie). Must be a subset of the endpoint's available parameters.

detectParameterXss
boolean | null

Enable XSS detection on the selected injection detection parameters.

detectParameterSqli
boolean | null

Enable SQL injection detection on the selected injection detection parameters.

rateLimitingEnabled
boolean | null

Enable or disable per-endpoint rate limiting.

rateLimitingType
enum<integer>
Available options:
0,
1
rateLimitingRequestCount
integer<int32> | null

Maximum number of requests allowed within the timeframe before blocking. Must be greater than zero.

rateLimitingTimeframe
enum<integer>
Available options:
1,
10,
60,
300,
900,
3600

Response

OK

Response for the PATCH /endpoint/{endpointId} endpoint.

error
object

Generic response object containing status information for API operations.

data
object

Detailed view of a single API Guardian endpoint, including its validation settings, authentication requirements, and rate limiting configuration.