> ## Documentation Index
> Fetch the complete documentation index at: https://docs.fingerprint.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Bulk create/update filtering rules

> Creates or updates multiple filtering rules at once. In "merge" mode (default), rules with IDs are updated and rules without IDs are created. In "overwrite" mode, all existing rules for the given environment are deleted and replaced with the provided rules.



## OpenAPI

````yaml reference/management-api_2025-11-20.json POST /filtering-rules/bulk
openapi: 3.0.0
info:
  title: Management API
  description: >-
    Managment API allows you to manage your Fingerprint account and applications
    programmatically from a server environment.
  version: '2025-11-20'
  contact: {}
servers:
  - url: https://management-api.fpjs.io
security:
  - Management-API-key: []
tags: []
paths:
  /filtering-rules/bulk:
    post:
      tags:
        - filtering-rules
      summary: Bulk create/update filtering rules
      description: >-
        Creates or updates multiple filtering rules at once. In "merge" mode
        (default), rules with IDs are updated and rules without IDs are created.
        In "overwrite" mode, all existing rules for the given environment are
        deleted and replaced with the provided rules.
      operationId: FilteringRulesV2Controller_bulk
      parameters:
        - name: X-API-Version
          in: header
          description: Management API version.
          example: '2025-11-20'
          required: true
          schema:
            type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/BulkFilteringRulesDtoV2'
      responses:
        '200':
          description: List of created/updated filtering rules.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/76818c770704cb8ff0d6e'
        '400':
          description: 'Error: Bad request.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationApiExceptionDto'
        '401':
          description: 'Error: Invalid API key.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiExceptionDto'
        '403':
          description: Forbidden. Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiExceptionDto'
        '422':
          description: 'Error: Payload parameters are invalid.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationApiExceptionDto'
        '429':
          description: 'Error: API key has exceeded its rate limit.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiExceptionDto'
components:
  schemas:
    BulkFilteringRulesDtoV2:
      type: object
      properties:
        rules:
          description: Array of filtering rules to create or update
          type: array
          items:
            $ref: '#/components/schemas/BulkFilteringRuleItemDto'
        mode:
          type: string
          enum:
            - merge
            - overwrite
          description: >-
            Mode for bulk operation. "merge" (default) updates existing rules
            and creates new ones. "overwrite" deletes all existing rules for the
            environment and creates new ones.
          default: merge
        environment:
          type: string
          description: Environment ID
          example: ae_rrETjdWcfqI6AFsk
      required:
        - rules
        - environment
    76818c770704cb8ff0d6e:
      type: object
      properties:
        data:
          type: array
          items:
            $ref: '#/components/schemas/FilteringRuleResponseDtoV2'
      required:
        - data
    ValidationApiExceptionDto:
      type: object
      properties:
        error:
          $ref: '#/components/schemas/BaseValidationApiExceptionDto'
      required:
        - error
    ApiExceptionDto:
      type: object
      properties:
        error:
          $ref: '#/components/schemas/BaseApiExceptionDto'
      required:
        - error
    BulkFilteringRuleItemDto:
      type: object
      properties:
        name:
          type: string
          description: Name of the filtering rule
          example: Block suspicious IPs
        expression:
          type: string
          description: Expression in expr-lang format that defines the rule condition
          example: http.request.ip in cidr('192.168.1.1/32')
        action:
          type: string
          enum:
            - allow
            - deny
          description: Action to take when the rule matches
          example: deny
        status:
          type: string
          enum:
            - enabled
            - disabled
          description: Status of the filtering rule
          default: enabled
        deny_with:
          type: string
          enum:
            - Forbidden
          description: Error message to return when denying a request
          example: Forbidden
        placement:
          description: Placement options for the rule
          allOf:
            - $ref: '#/components/schemas/PlacementDto'
      required:
        - name
        - expression
        - action
    FilteringRuleResponseDtoV2:
      type: object
      properties:
        id:
          type: string
          description: Auto-generated ID for the filtering rule
          example: tr_abc123xyz
        name:
          type: string
          description: Name of the filtering rule
          example: Block suspicious IPs
        environment:
          type: string
          description: Environment ID the rule belongs to
          example: ae_rrETjdWcfqI6AFsk
        expression:
          type: string
          description: Expression in expr-lang format that defines the rule condition
          example: http.request.ip in cidr('192.168.1.1/32')
        action:
          type: string
          enum:
            - allow
            - deny
          description: Action to take when the rule matches
          example: deny
        status:
          type: string
          enum:
            - enabled
            - disabled
          description: Status of the filtering rule
          example: enabled
        deny_with:
          type: string
          nullable: true
          description: Error message to return when denying a request
          example: Forbidden
        created_at:
          format: date-time
          type: string
          description: Date when the rule was created
          example: '2024-05-31T01:24:39.506Z'
        updated_at:
          format: date-time
          type: string
          nullable: true
          description: Date when the rule was last updated
          example: '2024-06-01T10:15:30.123Z'
      required:
        - id
        - name
        - environment
        - expression
        - action
        - status
        - created_at
    BaseValidationApiExceptionDto:
      type: object
      properties:
        message:
          type: string
          description: Verbal description of the error.
        code:
          type: string
          description: Error code.
        violations:
          description: List of validation violations.
          type: array
          items:
            $ref: '#/components/schemas/BaseValidationApiExceptionViolationDto'
      required:
        - message
        - code
    BaseApiExceptionDto:
      type: object
      properties:
        message:
          type: string
          description: Verbal description of the error.
        code:
          type: string
          description: Error code.
      required:
        - message
        - code
    PlacementDto:
      type: object
      properties:
        position:
          type: number
          description: Position index to insert the rule at
          minimum: 0
        after:
          type: string
          description: ID of the rule to insert after
        before:
          type: string
          description: ID of the rule to insert before
    BaseValidationApiExceptionViolationDto:
      type: object
      properties:
        property:
          type: string
          description: Property that has failed validation.
        message:
          type: string
          description: Description of the violation.
      required:
        - property
        - message
  securitySchemes:
    Management-API-key:
      scheme: bearer
      bearerFormat: JWT
      type: http

````