Configure Schema Validation
Create an API Shield with Schema Validation
To configure Schema Validation in the Cloudflare dashboard:
Click Security > API Shield.
In the API Shield card, click Deploy API Shield.
For the Shield properties, enter a descriptive name and set up an expression to trigger your shield.
For example, if your API is available at
http://api.example.com/v1, include a check for the Hostname field — equal to
api.example.com— and a check for the URI Path field using a regular expression — matching the regex
In the Schema Validation card, switch the toggle to On.
For Upload API Schema, upload your schema file.
Click Save to validate the content of the schema file and deploy the Schema Validation rule.
After deploying your API Shield rule, Cloudflare displays a summary of all API endpoints organized by their protection level and actions that will occur for non-compliant and unprotected requests.
In the Endpoint action dropdown, select an action for every request that targets a protected endpoint and fails Schema Validation.
In the Fallthrough action dropdown, select an action for every request that targets an unprotected endpoint.