Skip to main content
PATCH
/
shield
/
shield-zone
/
{shieldZoneId}
/
api-guardian
/
spec
Update your OpenAPI specification
curl --request PATCH \
  --url https://api.bunny.net/shield/shield-zone/{shieldZoneId}/api-guardian/spec \
  --header 'Content-Type: application/json' \
  --data '
{
  "content": "<string>",
  "enforceAuthorizationValidation": true
}
'
import requests

url = "https://api.bunny.net/shield/shield-zone/{shieldZoneId}/api-guardian/spec"

payload = {
    "content": "<string>",
    "enforceAuthorizationValidation": True
}
headers = {"Content-Type": "application/json"}

response = requests.patch(url, json=payload, headers=headers)

print(response.text)
const options = {
  method: 'PATCH',
  headers: {'Content-Type': 'application/json'},
  body: JSON.stringify({content: '<string>', enforceAuthorizationValidation: true})
};

fetch('https://api.bunny.net/shield/shield-zone/{shieldZoneId}/api-guardian/spec', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://api.bunny.net/shield/shield-zone/{shieldZoneId}/api-guardian/spec",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "PATCH",
  CURLOPT_POSTFIELDS => json_encode([
    'content' => '<string>',
    'enforceAuthorizationValidation' => true
  ]),
  CURLOPT_HTTPHEADER => [
    "Content-Type: application/json"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io"
)

func main() {

	url := "https://api.bunny.net/shield/shield-zone/{shieldZoneId}/api-guardian/spec"

	payload := strings.NewReader("{\n  \"content\": \"<string>\",\n  \"enforceAuthorizationValidation\": true\n}")

	req, _ := http.NewRequest("PATCH", url, payload)

	req.Header.Add("Content-Type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)

	fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.patch("https://api.bunny.net/shield/shield-zone/{shieldZoneId}/api-guardian/spec")
  .header("Content-Type", "application/json")
  .body("{\n  \"content\": \"<string>\",\n  \"enforceAuthorizationValidation\": true\n}")
  .asString();
require 'uri'
require 'net/http'

url = URI("https://api.bunny.net/shield/shield-zone/{shieldZoneId}/api-guardian/spec")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Patch.new(url)
request["Content-Type"] = 'application/json'
request.body = "{\n  \"content\": \"<string>\",\n  \"enforceAuthorizationValidation\": true\n}"

response = http.request(request)
puts response.read_body
{
  "error": {
    "success": true,
    "message": "<string>",
    "errorKey": "<string>"
  },
  "data": {
    "configuration": {
      "shieldZoneId": 123,
      "isEnabled": true,
      "title": "<string>",
      "version": "<string>",
      "maxEndpoints": 123,
      "maxFieldsPerType": 123,
      "maxNestingDepth": 123,
      "maxTotalSchemaNodes": 123,
      "maxTotalRegexLength": 123,
      "createdAt": "2023-11-07T05:31:56Z",
      "updatedAt": "2023-11-07T05:31:56Z"
    },
    "endpoints": [
      {
        "apiGuardianEndpointId": 123,
        "shieldZoneId": 123,
        "requestMethod": "<string>",
        "requestPath": "<string>",
        "validateRequestBodySchema": true,
        "validateResponseBodySchema": true,
        "validateAuthorization": true,
        "isEnabled": true,
        "authSchemes": [
          {
            "schemeName": "<string>",
            "credentialName": "<string>",
            "httpScheme": "<string>"
          }
        ],
        "requestBodySchemaYaml": "<string>",
        "responseBodySchemasYaml": {},
        "availableParameters": {
          "Path": [
            "<string>"
          ],
          "Query": [
            "<string>"
          ],
          "Header": [
            "<string>"
          ],
          "Cookie": [
            "<string>"
          ]
        },
        "injectionDetectionParameters": {
          "Path": [
            "<string>"
          ],
          "Query": [
            "<string>"
          ],
          "Header": [
            "<string>"
          ],
          "Cookie": [
            "<string>"
          ]
        },
        "detectParameterXss": true,
        "detectParameterSqli": true,
        "rateLimitingEnabled": true,
        "rateLimitingRequestCount": 123,
        "createdAt": "2023-11-07T05:31:56Z",
        "updatedAt": "2023-11-07T05:31:56Z"
      }
    ]
  }
}
{
  "type": "<string>",
  "title": "<string>",
  "status": 123,
  "detail": "<string>",
  "instance": "<string>"
}
{
  "error": {
    "success": true,
    "message": "<string>",
    "errorKey": "<string>"
  },
  "data": {
    "configuration": {
      "shieldZoneId": 123,
      "isEnabled": true,
      "title": "<string>",
      "version": "<string>",
      "maxEndpoints": 123,
      "maxFieldsPerType": 123,
      "maxNestingDepth": 123,
      "maxTotalSchemaNodes": 123,
      "maxTotalRegexLength": 123,
      "createdAt": "2023-11-07T05:31:56Z",
      "updatedAt": "2023-11-07T05:31:56Z"
    },
    "endpoints": [
      {
        "apiGuardianEndpointId": 123,
        "shieldZoneId": 123,
        "requestMethod": "<string>",
        "requestPath": "<string>",
        "validateRequestBodySchema": true,
        "validateResponseBodySchema": true,
        "validateAuthorization": true,
        "isEnabled": true,
        "authSchemes": [
          {
            "schemeName": "<string>",
            "credentialName": "<string>",
            "httpScheme": "<string>"
          }
        ],
        "requestBodySchemaYaml": "<string>",
        "responseBodySchemasYaml": {},
        "availableParameters": {
          "Path": [
            "<string>"
          ],
          "Query": [
            "<string>"
          ],
          "Header": [
            "<string>"
          ],
          "Cookie": [
            "<string>"
          ]
        },
        "injectionDetectionParameters": {
          "Path": [
            "<string>"
          ],
          "Query": [
            "<string>"
          ],
          "Header": [
            "<string>"
          ],
          "Cookie": [
            "<string>"
          ]
        },
        "detectParameterXss": true,
        "detectParameterSqli": true,
        "rateLimitingEnabled": true,
        "rateLimitingRequestCount": 123,
        "createdAt": "2023-11-07T05:31:56Z",
        "updatedAt": "2023-11-07T05:31:56Z"
      }
    ]
  }
}
{
  "error": {
    "success": true,
    "message": "<string>",
    "errorKey": "<string>"
  },
  "data": {
    "configuration": {
      "shieldZoneId": 123,
      "isEnabled": true,
      "title": "<string>",
      "version": "<string>",
      "maxEndpoints": 123,
      "maxFieldsPerType": 123,
      "maxNestingDepth": 123,
      "maxTotalSchemaNodes": 123,
      "maxTotalRegexLength": 123,
      "createdAt": "2023-11-07T05:31:56Z",
      "updatedAt": "2023-11-07T05:31:56Z"
    },
    "endpoints": [
      {
        "apiGuardianEndpointId": 123,
        "shieldZoneId": 123,
        "requestMethod": "<string>",
        "requestPath": "<string>",
        "validateRequestBodySchema": true,
        "validateResponseBodySchema": true,
        "validateAuthorization": true,
        "isEnabled": true,
        "authSchemes": [
          {
            "schemeName": "<string>",
            "credentialName": "<string>",
            "httpScheme": "<string>"
          }
        ],
        "requestBodySchemaYaml": "<string>",
        "responseBodySchemasYaml": {},
        "availableParameters": {
          "Path": [
            "<string>"
          ],
          "Query": [
            "<string>"
          ],
          "Header": [
            "<string>"
          ],
          "Cookie": [
            "<string>"
          ]
        },
        "injectionDetectionParameters": {
          "Path": [
            "<string>"
          ],
          "Query": [
            "<string>"
          ],
          "Header": [
            "<string>"
          ],
          "Cookie": [
            "<string>"
          ]
        },
        "detectParameterXss": true,
        "detectParameterSqli": true,
        "rateLimitingEnabled": true,
        "rateLimitingRequestCount": 123,
        "createdAt": "2023-11-07T05:31:56Z",
        "updatedAt": "2023-11-07T05:31:56Z"
      }
    ]
  }
}

Path Parameters

shieldZoneId
integer<int32>
required

Body

Represents the request for uploading or updating an OpenAPI specification in API Guardian.

content
string | null

The file contents of the OpenAPI specification.

enforceAuthorizationValidation
boolean | null

Whether to enforce authentication requirements for endpoints. On upload, defaults to true if not specified. On update, existing endpoint auth settings are preserved if not specified.

Response

OK

Represents the response for uploading or updating an OpenAPI specification in API Guardian.

error
object

Generic response object containing status information for API operations.

data
object

The full API Guardian state for a shield zone: global configuration and all endpoints.

Last modified on July 7, 2026