API:Protect

Token
To change a page's protection level, a protect token is required. This token is equal to the edit token and the same for all pages, but changes at every login. Protect tokens can be obtained via action=tokens with type=protect (MW 1.20+), or by using the following method:

Protecting pages
Pages can be protected with action=protect.

Parameters

 * : The page you want to protect.
 * : The token obtained in the previous request. Take care to urlencode the  as.
 * : A pipe-separated list of protections, formatted as, e.g.
 * If you want to remove a protection, use  as group, e.g.
 * If you leave out an action, the associated value won't be changed, i.e.  leaves the move protection untouched.
 * : Pipe-separated list of expiry timestamps in GNU timestamp format. The first timestamp applies to the first protection in, the second to the second, etc. The timestamps  ,   and   result in a protection that will never expire. Timestamps like   or   are also allowed, see the GNU web site for details.
 * The number of expiry timestamps must equal the number of protections, or you'll get an error message
 * An exception to this rule is made for backwards compatibility: if you specify exactly one expiry timestamp, it'll apply to all protections
 * Not setting this parameter is equivalent to setting it to
 * : The reason for the (un)protection (optional).
 * : If set, pages transcluded in the protected page will also be protected. If the required user level to edit is lower than the required user level to protect (e.g. edit=autoconfirmed), cascading can't be enabled, and this parameter will be silently ignored.
 * The latter is to prevent people who shouldn't be able to protect pages from protecting them anyway by transcluding them in a page with cascading protection.

Examples
Note: In this example, all parameters are passed in a GET request just for the sake of simplicity. However, action=protect requires POST requests; GET requests will cause an error.

Possible errors
In addition to the usual stuff:


 * code: notitle
 * info: The title parameter must be set
 * code: notoken
 * info: The token parameter must be set
 * code: noprotections
 * info: The protections parameter must be set
 * code: invalidexpiry
 * info: Invalid expiry time ``expiry ''
 * This means the expiry timestamp was invalidly formatted, or is nonexistent (like November 31 or 24:05).
 * code: pastexpiry
 * info: Expiry time ``expiry '' is in the past
 * code: toofewexpiries
 * info: number expiry timestamps were provided where number were needed
 * Note that this error is misnamed: it's also thrown when you specify too many expiry times
 * code: cantedit
 * info: You can't protect this page because you can't edit it
 * code: create-titleexists
 * info: Existing titles can't be protected with 'create'
 * code: missingtitle-createonly
 * info: Missing titles can only be protected with 'create'
 * code: protect-invalidaction
 * info: Invalid protection type ``type ''
 * code: protect-invalidlevel
 * info: Invalid protection level ``level ''