Most development teams struggle to keep track of their APIs. Cloudflare API Discovery helps you map out and understand your attack surface area.
Cloudflare produces a simple, trustworthy map of API endpoints through a process of path normalization.
For example, you might have thousands of APIs, but a lot of the calls look similar, such as:
Both paths serve a similar purpose — allowing users to log into their accounts — but they are not identical. To simplify your endpoints, these examples might both map to
API Discovery runs this process across all your authenticated endpoints, eventually generating a simple map of endpoints that might look like:
This process currently requires a session identifier, like an authorization token available as a request header. Once you have finished API Discovery, your APIs are ready for protection from and attacks.