mage4/magento2-rest-api-restriction

Restrict/Disabled Rest API Endpoints.

Maintainers

Package info

github.com/rehanmobin/magento2-rest-api-restriction

Type:magento2-module

pkg:composer/mage4/magento2-rest-api-restriction

Statistics

Installs: 0

Dependents: 0

Suggesters: 0

Stars: 0

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

1.2.0 2026-03-31 11:27 UTC

Requires

OSL-3.0, AFL-3.0 dac2407a71cb300a1df8df2545140e831c041b09

webapimagentoREST APIapi securitymagento2magento 2magento 2 modulemagento 2 extensionmagento extensionmagento modulemage4magento webapirest endpoint restrictionapi restrictionapi access controldisable api endpointdisable rest apirestrict rest apirestrict api endpointsendpoint blockerendpoint restriction

This package is auto-updated.

Last update: 2026-03-31 11:28:22 UTC

README

Overview

Mage4 Rest API Restriction is a Magento 2 extension that allows store administrators to disable selected REST API endpoints without modifying core code or creating endpoint-specific plugins.

The module provides a generic admin configuration where blocked REST API endpoints can be listed one per line. When a request matches one of the configured endpoint patterns, the module throws a 403 Forbidden API response with a clear error message.

This extension is useful for merchants and developers who want to harden API access, disable unused endpoints, or temporarily restrict selected REST routes.

Install via composer

composer require mage4/magento2-rest-api-restriction

php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento setup:static-content:deploy

Features

  • Enable or disable the module from Magento admin
  • Restrict specific Magento REST API endpoints
  • Configure blocked endpoints from Stores > Configuration > MAGE4 EXTENSIONS > REST API RESTRICTION
  • Supports Magento-style route placeholders such as:
    • :cartId
    • :sku
    • :attributeCode
  • Returns a proper JSON API error response
  • Uses a generic validation approach instead of endpoint-specific plugins
  • Helps improve API security by disabling unnecessary REST endpoints

Supported Endpoint Pattern Examples

You can configure blocked endpoints like:

/V1/customers/me
/V1/guest-carts/:cartId
/V1/guest-carts/:cartId/totals
/V1/products/:sku
/V1/products/:sku/options
/V1/products/attributes/:attributeCode/is-filterable/:isFilterable

About us

We’re an innovative development agency building awesome websites, webshops and web applications with Latest Technologies. Check out our website mage4.com or email us at contact@mage4.com | rehan@mage4.com.