Sophos UTM: Decommissioning of obsolete URL categorization services CFFS.Click here for important info.

New APIs - anyone managed to master adding new exclusions?

I'm working with the new policy APIs for our Central Enterprise instance.  I can drill into one of our customers and pull back all the policy settings for all policies easily enough, & I'm happy that I'm correctly authenticated.

However, I'm trying to make a PATCH request to the /settings/endpoint.threat-protection.exclusions.scanning with a JSON package download but am hitting "badRequest" errors, with a message of "Setting must include a value field".

I've formed my JSON to what I can see on the API documentation at Endpoint Policy Settings Object Schemas | Sophos Central APIs but I've clearly got something wrong.

No magic wand from support yet & have scoured the docs & am either missing a pointer or it's not there!.  With this command I'm trying to add a new exclusion for on demand & access to a specific policy.  Anyone able to point out my obvious mistakes?


Ash - JSON follows:

  "properties": {
    "scanMode": {
      "enum": [
    "type": {
      "enum": [
    "value": {
      "type": "c:\\temp\\MytestFile.txt"
    "required": [
  "$id": "">",
  "$schema": "">",
  "type": "object"

Added tags
[edited by: Gladys at 12:13 PM (GMT -7) on 8 Aug 2022]