Skip to main content
PUT
/
team
/
threat-protection
Update the team's threat protection policy
curl --request PUT \
  --url https://api.firecrawl.dev/v2/team/threat-protection \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "mode": "normal",
  "riskScoreThreshold": 75,
  "blacklist": [
    "*.risky.example"
  ],
  "whitelist": [
    "*.trusted.example"
  ],
  "blockedTlds": [
    "zip"
  ],
  "failurePolicy": "closed",
  "allowRequestOverrides": true
}
'
{
  "success": true,
  "data": {
    "mode": "normal",
    "riskScoreThreshold": 75,
    "blacklist": [
      "*.risky.example"
    ],
    "whitelist": [
      "*.trusted.example"
    ],
    "blockedTlds": [
      "zip"
    ],
    "failurePolicy": "closed",
    "allowRequestOverrides": true,
    "configured": true,
    "updatedAt": "2023-11-07T05:31:56Z"
  }
}
Full-document update of your organization’s threat protection policy. Unspecified fields reset to defaults. Team admins only.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json
mode
enum<string>
required

Threat protection mode. off disables checks; normal checks domains against Google Web Risk (+2 credits per domain scanned).

Available options:
off,
normal
Example:

"normal"

riskScoreThreshold
integer

Normalized score (0-100) at or above which a classifier verdict is blocked. Lower is stricter.

Required range: 0 <= x <= 100
Example:

75

blacklist
string[]

Exact domains or globs (e.g. *.example.com) always blocked, without a classifier call.

Example:
["*.risky.example"]
whitelist
string[]

Exact domains or globs always allowed. Wins over every other rule.

Example:
["*.trusted.example"]
blockedTlds
string[]

Top-level domains to block outright, lowercase without a leading dot.

Example:
["zip"]
failurePolicy
enum<string>

Behavior when the classifier is unreachable: closed blocks (default), open allows.

Available options:
open,
closed
Example:

"closed"

allowRequestOverrides
boolean

Whether individual requests may pass a threatProtection object. When false, such requests are rejected with 403.

Example:

true

Response

Effective threat protection policy for the team's organization.

success
boolean
Example:

true

data
object