broken links

patriciasantaana · patriciasantaana · commit 67caf1c81a3e · 2025-06-18T14:54:49.000-07:00
diff --git a/src/content/docs/api-shield/get-started.mdx b/src/content/docs/api-shield/get-started.mdx
@@ -117,7 +117,7 @@ Use the Cloudflare API to configure [JSON Web Tokens validation](/api-shield/sec
 
 If your origin uses GraphQL, you may consider setting limits on GraphQL query size and depth.
 
-[GraphQL malicious query protection](/api-shield/security/graphql-protection/configure/) scans your GraphQL traffic for queries that could overload your origin and result in a denial of service. Customers can build rules that limit the query depth and size of incoming GraphQL queries in order to block suspiciously large or complex queries.
+[GraphQL malicious query protection](/api-shield/security/graphql-protection/api/) scans your GraphQL traffic for queries that could overload your origin and result in a denial of service. Customers can build rules that limit the query depth and size of incoming GraphQL queries in order to block suspiciously large or complex queries.
 
 For more information, refer to the [blog post](https://blog.cloudflare.com/protecting-graphql-apis-from-malicious-queries/).
 
diff --git a/src/content/docs/api-shield/reference/terraform.mdx b/src/content/docs/api-shield/reference/terraform.mdx
@@ -65,7 +65,7 @@ resource "cloudflare_api_shield_operation" "post_image" {
 It is required to configure Endpoint Management if you want to set up Schema validation 2.0 using Terraform. 
 :::
 
-Refer to the example configuration below to manage [Schema validation 2.0](/api-shield/security/schema-validation/configure/) on your zone.
+Refer to the example configuration below to manage [Schema validation 2.0](/api-shield/security/schema-validation/api/) on your zone.
 
 ```tf title="Example configuration"
 # Schema that should be used for schema validation 2.0
diff --git a/src/content/docs/api-shield/security/jwt-validation/api.mdx b/src/content/docs/api-shield/security/jwt-validation/api.mdx
@@ -160,8 +160,8 @@ Token validation rules can be configured using the Cloudflare API or [dashboard]
 | `description`                             | A human-readable description that gives more details than `title` and helps to document it. | Log requests without a valid `authorization` header.    | Limited to 500 characters.                                                                                                                                                                              |
 | `action`                                  | The Firewall Action taken on requests that do not meet `expression`.                        | `log`                                                   | Possible: `log` or `block`                                                                                                                                                                              |
 | `enabled`                                 | Enable or disable the rule.                                                                 | `true`                                                  | Possible: `true` or `false`                                                                                                                                                                             |
-| `expression`                              | The rule's security policy.                                                                 | `is_jwt_valid ("00170473-ec24-410e-968a-9905cf0a7d03")` | Make sure to escape any quotes when creating rules using the Cloudflare API. <br /> Refer to [Define a security policy](/api-shield/security/jwt-validation/configure/#define-a-security-policy) below. |
-| `selector`                                | Configure what operations are covered by this rule.                                         |                                                         | Refer to [Applying a rule to operations](/api-shield/security/jwt-validation/configure/#apply-a-rule-to-operations) below.                                                                              |
+| `expression`                              | The rule's security policy.                                                                 | `is_jwt_valid ("00170473-ec24-410e-968a-9905cf0a7d03")` | Make sure to escape any quotes when creating rules using the Cloudflare API. <br /> Refer to [Define a security policy](#define-a-security-policy) below. |
+| `selector`                                | Configure what operations are covered by this rule.                                         |                                                         | Refer to [Applying a rule to operations](#apply-a-rule-to-operations) below.                                                                              |
 
 ### Selectors
 
@@ -179,7 +179,7 @@ To find the operation ID, refer to [Endpoint Management](/api-shield/management-
 
 A request must also match an operation covered by this rule to trigger an action.
 
-Refer to [Apply a rule to operations](/api-shield/security/jwt-validation/configure/#apply-a-rule-to-operations) for more information. 
+Refer to [Apply a rule to operations](#apply-a-rule-to-operations) for more information. 
 :::
 
 A token validation rule's expression defines a security policy that a request must meet.
diff --git a/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx b/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx
@@ -21,7 +21,7 @@ For example, the following expression will extract the user claim from a token p
 lookup_json_string(http.request.jwt.claims["<TOKEN_CONFIGURATION_ID>"][0], "claim_name")
 ```
 
-Refer to [Configure JWT validation](/api-shield/security/jwt-validation/configure/) for more information about creating a token configuration.
+Refer to [Configure JWT validation](/api-shield/security/jwt-validation/api/) for more information about creating a token configuration.
 
 ## Create a Transform Rule
 
diff --git a/src/content/docs/api-shield/security/schema-validation/api.mdx b/src/content/docs/api-shield/security/schema-validation/api.mdx
@@ -107,7 +107,7 @@ curl --request PATCH "https://api.cloudflare.com/client/v4/zones/{zone_id}/api_g
 }
 ```
 
-When a schema is active, it executes the mitigation action specified for each operation. Refer to [change the default and operation-specific mitigation action](/api-shield/security/schema-validation/configure/#change-the-default-and-operation-specific-mitigation-action).
+When a schema is active, it executes the mitigation action specified for each operation. Refer to [change the default and operation-specific mitigation action](#change-the-default-and-operation-specific-mitigation-action).
 
 ### Add new operations to Endpoint Management
 
diff --git a/src/content/docs/data-localization/metadata-boundary/graphql-datasets.mdx b/src/content/docs/data-localization/metadata-boundary/graphql-datasets.mdx
@@ -22,7 +22,7 @@ The table below shows a non-exhaustive list of GraphQL Analytics API fields that
 | Zaraz                                      |                                                                      | US and EU <br/>`zarazActionsAdaptiveGroups` <br/> `zarazTrackAdaptiveGroups` <br/> `zarazTriggersAdaptiveGroups`                                                                                                                                                                                                                                                                                                                                                                                                                    |
 | Application Security                       | Advanced Certificate Manager                                         | US and EU <br/> Only the fields `clientSSLProtocol` and `ja3Hash` part of `httpRequestsAdaptive` and `httpRequestsAdaptiveGroups`                                                                                                                                                                                                                                                                                                                                                                                                   |
 | Advanced DDoS Protection                   |                                                                      | US and EU <br/> [`dosdAttackAnalyticsGroups`](/analytics/graphql-api/migration-guides/network-analytics-v2/node-reference/) <br/> [`dosdNetworkAnalyticsAdaptiveGroups`](/analytics/graphql-api/migration-guides/network-analytics-v2/node-reference/) <br/> [`flowtrackdNetworkAnalyticsAdaptiveGroups`](/analytics/graphql-api/migration-guides/network-analytics-v2/node-reference/) <br/> `advancedTcpProtectionNetworkAnalyticsAdaptiveGroups` <br/> `advancedDnsProtectionNetworkAnalyticsAdaptiveGroups`                     |
-| API Shield                                 |                                                                      | US and EU <br/> [`apiGatewayGraphqlQueryAnalyticsGroups`](/api-shield/security/graphql-protection/configure/#gather-graphql-statistics) <br/> `apiGatewayMatchedSessionIDsAdaptiveGroups` <br/> US only <br/> `apiRequestSequencesGroups`                                                                                                                                                                                                                                                                                           |
+| API Shield                                 |                                                                      | US and EU <br/> [`apiGatewayGraphqlQueryAnalyticsGroups`](/api-shield/security/graphql-protection/api/#gather-graphql-statistics) <br/> `apiGatewayMatchedSessionIDsAdaptiveGroups` <br/> US only <br/> `apiRequestSequencesGroups`                                                                                                                                                                                                                                                                                           |
 | Bot Management                             |                                                                      | US and EU <br/>`httpRequestsAdaptive` <br/> [`httpRequestsAdaptiveGroups`](/analytics/graphql-api/migration-guides/graphql-api-analytics/) <br/> [`firewallEventsAdaptive`](/analytics/graphql-api/tutorials/querying-firewall-events/) <br/> [`firewallEventsAdaptiveGroups`](https://blog.cloudflare.com/how-we-used-our-new-graphql-api-to-build-firewall-analytics/)                                                                                                                                                            |
 | DNS Firewall                               | Same as DNS                                                          |
 | DMARC Management                           |                                                                      | US and EU <br/> `dmarcReportsAdaptive` <br/> `dmarcReportsSourcesAdaptiveGroups`                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
diff --git a/src/content/docs/security/settings.mdx b/src/content/docs/security/settings.mdx
@@ -62,7 +62,7 @@ In the **API abuse** security module you can perform the following tasks:
 - Review information about [Endpoint Discovery](/api-shield/security/api-discovery/) (always enabled if included in your Enterprise subscriptions).
 - Enable [Sequence Discovery](/api-shield/security/sequence-analytics/) (requires that you configure a session identifier).
 - Enable [Schema Validation](/api-shield/security/schema-validation/) (requires that you upload a schema or apply a learned schema).
-- Enable [JWT Validation](/api-shield/security/jwt-validation/) (requires that you add a [JWT configuration](/api-shield/security/jwt-validation/configure/#token-configurations)).
+- Enable [JWT Validation](/api-shield/security/jwt-validation/) (requires that you add a [JWT configuration](/api-shield/security/jwt-validation/api/#token-configurations)).
 
 :::note
 The API abuse module includes features and settings from [API Shield](/api-shield/) in the previous dashboard navigation structure.
diff --git a/src/content/docs/waf/custom-rules/use-cases/check-jwt-claim-to-protect-admin-user.mdx b/src/content/docs/waf/custom-rules/use-cases/check-jwt-claim-to-protect-admin-user.mdx
@@ -7,7 +7,7 @@ head:
 ---
 
 :::note
-To use claims inside a JSON Web Token (JWT), you must first set up a [token validation configuration](/api-shield/security/jwt-validation/configure/) in API Shield.
+To use claims inside a JSON Web Token (JWT), you must first set up a [token validation configuration](/api-shield/security/jwt-validation/api/) in API Shield.
 :::
 
 This example configures additional protection for requests with a JSON Web Token (JWT) with a user claim of `admin`, based on the request's [attack score](/waf/detections/attack-score/).
diff --git a/src/content/docs/waf/rate-limiting-rules/parameters.mdx b/src/content/docs/waf/rate-limiting-rules/parameters.mdx
@@ -225,7 +225,7 @@ If you use **Cookie value of** as a rate limiting rule characteristic, follow th
 
 ### Requirements for using claims inside a JSON Web Token (JWT)
 
-To use claims inside a JSON Web Token (JWT), you must first set up a [token validation configuration](/api-shield/security/jwt-validation/configure/) in API Shield.
+To use claims inside a JSON Web Token (JWT), you must first set up a [token validation configuration](/api-shield/security/jwt-validation/api/) in API Shield.
 
 ## Configuration restrictions
 
diff --git a/src/content/partials/api-shield/set-up-session-identifiers.mdx b/src/content/partials/api-shield/set-up-session-identifiers.mdx
@@ -13,7 +13,7 @@ import { Steps } from "~/components"
    :::note
    The session identifier cookie must comply with RFC 6265. Otherwise, it will be rejected.
 
-   If you are using a JWT claim, choose the [Token Configuration](/api-shield/security/jwt-validation/configure/#token-configurations) that will verify the JWT. Token Configurations are required to use JWT claims as session identifiers. Refer to [JWT Validation](/api-shield/security/jwt-validation/) for more information.
+   If you are using a JWT claim, choose the [Token Configuration](/api-shield/security/jwt-validation/api/#token-configurations) that will verify the JWT. Token Configurations are required to use JWT claims as session identifiers. Refer to [JWT Validation](/api-shield/security/jwt-validation/) for more information.
    :::
 6. Enter the name of the session identifier.
 7. Select **Save**.

Original file line number	Diff line number	Diff line change
`@@ -107,7 +107,7 @@ curl --request PATCH "https://api.cloudflare.com/client/v4/zones/{zone_id}/api_g`
`107`	`107`	`}`
`108`	`108`	```
`109`	`109`
`110`		`-When a schema is active, it executes the mitigation action specified for each operation. Refer to [change the default and operation-specific mitigation action](/api-shield/security/schema-validation/configure/#change-the-default-and-operation-specific-mitigation-action).`
	`110`	`+When a schema is active, it executes the mitigation action specified for each operation. Refer to [change the default and operation-specific mitigation action](#change-the-default-and-operation-specific-mitigation-action).`
`111`	`111`
`112`	`112`	`### Add new operations to Endpoint Management`
`113`	`113`