Using the below steps you can use Cloudflare API Shield to identify and address API vulnerabilities.

1. Login to Cloudflare your account.
2. Select the domain you want to configure from the homepage.
3. In the left sidebar, under "Security", select "API Shield".
4. In the "Endpoint Management" tab, click on "+ Add Endpoints" to add the endpoints that you want to configure. You can either add manually, or upload the OpenAPI schema for bulk upload.
5. Wait for a few minutes for the data to populate and then take actions on each endpoint like adding rate limiting.
6. [Optional] You can also add session identifiers to generate rate limiting recommendations.

NOTE: If you do not see the data populated even after adding the endpoints, please ensure that the subdomain you are tracking is NOT DNS only and has Proxied enabled in DNS Management on Cloudflare.

‍