Update Threat Protection Policy
Full-document update. Unspecified fields reset to defaults. Enterprise feature, team admins only.
Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Body
Threat protection mode. off disables checks; normal checks domains against Google Web Risk (+2 credits per domain scanned).
off, normal "normal"
Normalized score (0-100) at or above which a classifier verdict is blocked. Lower is stricter.
0 <= x <= 10075
Exact domains or globs (e.g. *.example.com) always blocked, without a classifier call.
["*.risky.example"]Exact domains or globs always allowed. Wins over every other rule.
["*.trusted.example"]Top-level domains to block outright, lowercase without a leading dot.
["zip"]Behavior when the classifier is unreachable: closed blocks (default), open allows.
open, closed "closed"
Whether individual requests may pass a threatProtection object. When false, such requests are rejected with 403.
true

