Cloudflare Docs
Visit API Shield on GitHub
Set theme to dark (⇧+D)


Cloudflare offers the following features to help secure your APIs:

Example Cloudflare solutions

Cloudflare’s API Shield — together with other compatible Cloudflare products — helps protect your API from the issues detailed in the OWASP® API Security Top 10.

The following table provides examples of how you might match Cloudflare products to OWASP vulnerabilities:

OWASP issueExample Cloudflare solution
Broken Object Level AuthorizationSchema Validation
Broken User AuthenticationmTLS , Anomaly Detection , Rate Limiting , Leaked Credential Checks
Excessive Data ExposureSchema Validation , Sensitive Data Detection (Beta)
Lack of Resources & Rate LimitingAnomaly Detection , Rate Limiting , DDoS Protection
Broken Function Level AuthorizationSchema Validation
Mass AssignmentSchema Validation , Anomaly Detection , Rate Limiting
Security MisconfigurationSchema Validation , Sensitive Data Detection (Beta)
InjectionSchema Validation , WAF Rulesets
Improper Assets ManagementDiscovery
Insufficient Logging & MonitoringDiscovery SIEM integration