API Reference

API Gateway

Settings

Schema Validation

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Update zone level schema validation settings

Deprecated: Use [Schema Validation API](https://developers.cloudflare.com/api/resources/schema_validation/) instead.

PUT/zones/{zone_id}/api_gateway/settings/schema_validation

Updates zone level schema validation settings on the zone

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Account API GatewayDomain API Gateway

Path ParametersExpand Collapse

zone_id: string

Identifier.

maxLength32

Body ParametersJSONExpand Collapse

validation_default_mitigation_action: "none" or "log" or "block"

The default mitigation action used when there is no mitigation action defined on the operation

Mitigation actions are as follows:

• log - log request when request does not conform to schema
• block - deny access to the site when request does not conform to schema

A special value of of none will skip running schema validation entirely for the request when there is no mitigation action defined on the operation

One of the following:

"none"

"log"

"block"

validation_override_mitigation_action: optional "none" or "disable_override"

When set, this overrides both zone level and operation level mitigation actions.

• none will skip running schema validation entirely for the request
• null indicates that no override is in place

To clear any override, use the special value disable_override or null

One of the following:

"none"

"disable_override"

ReturnsExpand Collapse

Settings object { validation_default_mitigation_action, validation_override_mitigation_action }

validation_default_mitigation_action: optional "none" or "log" or "block"

The default mitigation action used when there is no mitigation action defined on the operation

Mitigation actions are as follows:

• log - log request when request does not conform to schema
• block - deny access to the site when request does not conform to schema

A special value of of none will skip running schema validation entirely for the request when there is no mitigation action defined on the operation

One of the following:

"none"

"log"

"block"

validation_override_mitigation_action: optional "none"

When set, this overrides both zone level and operation level mitigation actions.

• none will skip running schema validation entirely for the request
• null indicates that no override is in place

Update zone level schema validation settings

HTTP

HTTP

TypeScript

Python

Go

Terraform

curl https://api.cloudflare.com/client/v4/zones/$ZONE_ID/api_gateway/settings/schema_validation \
    -X PUT \
    -H 'Content-Type: application/json' \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
    -d '{
          "validation_default_mitigation_action": "block",
          "validation_override_mitigation_action": "none"
        }'

200 example

{
  "validation_default_mitigation_action": "block",
  "validation_override_mitigation_action": "none"
}

Returns Examples

200 example

{
  "validation_default_mitigation_action": "block",
  "validation_override_mitigation_action": "none"
}