mirror of
https://github.com/ksyasuda/dotfiles.git
synced 2026-03-20 06:11:27 -07:00
45 lines
1.8 KiB
Markdown
45 lines
1.8 KiB
Markdown
# Cloudflare API Shield Reference
|
|
|
|
Expert guidance for API Shield - comprehensive API security suite for discovery, protection, and monitoring.
|
|
|
|
## Reading Order
|
|
|
|
| Task | Files to Read |
|
|
|------|---------------|
|
|
| Initial setup | README → configuration.md |
|
|
| Implement JWT validation | configuration.md → api.md |
|
|
| Add schema validation | configuration.md → patterns.md |
|
|
| Detect API attacks | patterns.md → api.md |
|
|
| Debug issues | gotchas.md |
|
|
|
|
## Feature Selection
|
|
|
|
What protection do you need?
|
|
|
|
```
|
|
├─ Validate request/response structure → Schema Validation 2.0 (configuration.md)
|
|
├─ Verify auth tokens → JWT Validation (configuration.md)
|
|
├─ Client certificates → mTLS (configuration.md)
|
|
├─ Detect BOLA attacks → BOLA Detection (patterns.md)
|
|
├─ Track auth coverage → Auth Posture (patterns.md)
|
|
├─ Stop volumetric abuse → Abuse Detection (patterns.md)
|
|
└─ Discover shadow APIs → API Discovery (api.md)
|
|
```
|
|
|
|
## In This Reference
|
|
|
|
- **[configuration.md](configuration.md)** - Setup, session identifiers, rules, token/mTLS configs
|
|
- **[api.md](api.md)** - Endpoint management, discovery, validation APIs, GraphQL operations
|
|
- **[patterns.md](patterns.md)** - Common patterns, progressive rollout, OWASP mappings, workflows
|
|
- **[gotchas.md](gotchas.md)** - Troubleshooting, false positives, performance, best practices
|
|
|
|
## Quick Start
|
|
|
|
API Shield: Enterprise-grade API security (Discovery, Schema Validation 2.0, JWT, mTLS, BOLA Detection, Auth Posture). Available as Enterprise add-on with preview access.
|
|
|
|
## See Also
|
|
|
|
- [API Shield Docs](https://developers.cloudflare.com/api-shield/)
|
|
- [API Reference](https://developers.cloudflare.com/api/resources/api_gateway/)
|
|
- [OWASP API Security Top 10](https://owasp.org/www-project-api-security/)
|