API:Protect

Token
To change a page's protection level, a protect token is required. This token is equal to the edit token and the same for all pages, but changes at every login. Protect tokens can be obtained via action=tokens with type=protect (MW 1.20+), or by using the following method:

Protecting pages
Pages can be protected with action=protect.

Parameters

 * : The page you want to protect.
 * : The token obtained in the previous request. Take care to urlencode the  as.
 * : A pipe-separated list of protections, formatted as, e.g.
 * If you want to remove a protection, use  as group, e.g.
 * If you leave out an action, the associated value won't be changed, i.e.  leaves the move protection untouched.
 * : Pipe-separated list of expiry timestamps in GNU timestamp format. The first timestamp applies to the first protection in, the second to the second, etc. The timestamps  ,   and   result in a protection that will never expire. Timestamps like   or   are also allowed, see the GNU web site for details.
 * The number of expiry timestamps must equal the number of protections, or you'll get an error message
 * An exception to this rule is made for backwards compatibility: if you specify exactly one expiry timestamp, it'll apply to all protections
 * Not setting this parameter is equivalent to setting it to
 * : The reason for the (un)protection (optional).
 * : If set, pages transcluded in the protected page will also be protected. If the required user level to edit is lower than the required user level to protect (e.g. edit=autoconfirmed), cascading can't be enabled, and this parameter will be silently ignored.
 * The latter is to prevent people who shouldn't be able to protect pages from protecting them anyway by transcluding them in a page with cascading protection.

Examples
Note: In this example, all parameters are passed in a GET request just for the sake of simplicity. However, action=protect requires POST requests; GET requests will cause an error.

Possible errors
In addition to the usual stuff: