Cloudflare Docs
API Shield
Visit API Shield on GitHub
Set theme to dark (⇧+D)


Cloudflare offers the following features to help secure your APIs:

​​ Example Cloudflare solutions

Cloudflare’s API Shield — together with other compatible Cloudflare products — helps protect your API from the issues detailed in the OWASP® API Security Top 10.

The following table provides examples of how you might match Cloudflare products to OWASP vulnerabilities:

OWASP issueExample Cloudflare solution
Broken Object Level AuthorizationSchema Validation
Broken User AuthenticationmTLS, Anomaly Detection, Rate Limiting, Leaked Credential Checks
Excessive Data ExposureSchema Validation, Sensitive Data Detection (Beta)
Lack of Resources & Rate LimitingAnomaly Detection, Rate Limiting, DDoS Protection
Broken Function Level AuthorizationSchema Validation
Mass AssignmentSchema Validation, Anomaly Detection, Rate Limiting
Security MisconfigurationSchema Validation, Sensitive Data Detection (Beta)
InjectionSchema Validation, WAF Managed Rules
Improper Assets ManagementDiscovery
Insufficient Logging & MonitoringDiscovery SIEM integration, Management and Monitoring