Skip to content
Cloudflare API
Start here
API Reference
API Gateway
Settings
Schema Validation

Update zone level schema validation settings

Deprecated
PATCH/zones/{zone_id}/api_gateway/settings/schema_validation

Updates zone level schema validation settings on the zone

Security
API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194
Accepted Permissions (at least one required)
Account API GatewayDomain API Gateway
Path ParametersExpand Collapse
zone_id: string

Identifier.

maxLength32
Body ParametersJSONExpand Collapse
validation_default_mitigation_action: optional "none" or "log" or "block"

The default mitigation action used when there is no mitigation action defined on the operation Mitigation actions are as follows:

  • log - log request when request does not conform to schema
  • block - deny access to the site when request does not conform to schema

A special value of of none will skip running schema validation entirely for the request when there is no mitigation action defined on the operation

null will have no effect.

One of the following:
"none"
"log"
"block"
validation_override_mitigation_action: optional "none" or "disable_override"

When set, this overrides both zone level and operation level mitigation actions.

  • none will skip running schema validation entirely for the request

To clear any override, use the special value disable_override

null will have no effect.

One of the following:
"none"
"disable_override"
ReturnsExpand Collapse
Settings { validation_default_mitigation_action, validation_override_mitigation_action }
validation_default_mitigation_action: optional "none" or "log" or "block"

The default mitigation action used when there is no mitigation action defined on the operation

Mitigation actions are as follows:

  • log - log request when request does not conform to schema
  • block - deny access to the site when request does not conform to schema

A special value of of none will skip running schema validation entirely for the request when there is no mitigation action defined on the operation

One of the following:
"none"
"log"
"block"
validation_override_mitigation_action: optional "none"

When set, this overrides both zone level and operation level mitigation actions.

  • none will skip running schema validation entirely for the request
  • null indicates that no override is in place

Update zone level schema validation settings

curl https://api.cloudflare.com/client/v4/zones/$ZONE_ID/api_gateway/settings/schema_validation \
    -X PATCH \
    -H 'Content-Type: application/json' \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
    -d '{
          "validation_default_mitigation_action": "block",
          "validation_override_mitigation_action": "none"
        }'
{
  "validation_default_mitigation_action": "block",
  "validation_override_mitigation_action": "none"
}
Returns Examples
{
  "validation_default_mitigation_action": "block",
  "validation_override_mitigation_action": "none"
}