Problem with Enabling/Disabling Rate Limiting rules via API

I am trying to enable/disable rate limiting rule via Cloudflare API. I used examples from documentation:

Unfortunately, the example to update the rule generates the error: ratelimit.api.validation_error:timeout and response are not allowed for action(challenge)

So I removed response and timeout from example and I receive the error: ratelimit.api.not_entitled.allow_method

I also tried to remove more parameters like headers and I receive errors like: ratelimit.api.unknown_error

I am using the exact examples from docs. I could paste my code here, but as I said it is exact copy from documentation. I use the API to turn on/off “I’m under attack mode” and it works. I have pro plan.

Could someone help me with enable/disable rule via Cloudflare API? I would appreciate working code in bash.



curl -X PUT "$zone_id/rate_limits/$rule_id" \
     -H "X-Auth-Email: $email" \
     -H "X-Auth-Key: $api_key" \
     -H "Content-Type: application/json" \
     --data '{"id":"my_rule_id","disabled":false,"description":"Prevent multiple login failures to mitigate brute force attacks","match":{"request":{"methods":["GET","POST"],"schemes":["HTTP","HTTPS"],"url":"**"},"response":{},"headers":[{"name":"Cf-Cache-Status","op":"ne","value":"HIT"}]},"bypass":[{"name":"url","value":"*"}],"threshold":60,"period":900,"action":{"mode":"challenge"}}'