Create a zone security scenario
POST
/api/zones/{zoneId}/security/scenarios
Creates a scenario owned by the zone from a raw YAML definition; name, enabled, testing and scope are derived from that YAML. The zone is taken from the URL. Rejected with 422 if the zone's scenario limit is exceeded or the name is already used within the zone.
Authorizations
ApiToken
Long-lived API token created via POST /api/api-tokens (returned once in plaintext).
Type
API Key (header: X-API-TOKEN)
or
JWT
JWT access token obtained via POST /api/auth/login. Send as: Authorization: Bearer
Type
HTTP (bearer)
Parameters
Path Parameters
zoneId*
Zone identifier
Type
Requiredstring
Request Body
JSON "definition": "name: block-sql-injection
enabled: true
testing: false
scope: ip
"
{
}
Responses
security-scenario resource created
JSON "@context": "string", "@id": "string", "@type": "string", "id": "0193b3e2-6c1a-7f2a-9a1b-2d3e4f5a6b7c", "name": "block-sql-injection", "enabled": true, "participationMode": "opt_out", "testing": false, "evaluationScope": "ip", "definition": "name: block-sql-injection
enabled: true
testing: false
scope: ip
", "createdAt": "2026-07-01T09:30:00+00:00", "updatedAt": "2026-07-01T09:30:00+00:00"
{
}
