Cloudflare API Shield helps you secure your APIs with strong client certificate-based identity and strict schema-based validation to protect your APIs from attack.

Prevent stolen or compromised devices from exposing sensitive data by permanently excluding traffic. Cloudflare manages the certificates so you don’t have to and lets you embed client certificates into mobile apps and IoT devices. Revoke a list of client side certificates with a single click.

Stop data leaks and protect your origin from invalid requests or a malicious payload. Create a positive security model by uploading an OpenAPI schema to the Firewall. Every request will be verified against your API definition and the requests that do not comply will be blocked

Block malicious IPs from abusing your APIs. Leverage Cloudflare's massive scale of threat intelligence with a managed IP list that contains IPs of Open SOCKS and HTTP Proxy.

Apply rate limiting to prevent malicious actors from abusing your origin and your application.