[Yandex Cloud documentation](../../../index.md) > [Yandex API Gateway](../../index.md) > [Concepts](../index.md) > [Specification extensions](index.md) > Integration options > Smart Web Security

# x-yc-apigateway:smartWebSecurity extension

The `x-yc-apigateway:smartWebSecurity` extension uses rules set in the [Yandex Smart Web Security security profile](../../../smartwebsecurity/concepts/profiles.md) to protect an [API gateway](../index.md). For example, you can use the [basic rules](../../../smartwebsecurity/concepts/rules.md#base-rules) to block unwanted traffic or [Advanced Rate Limiter](../../../smartwebsecurity/concepts/arl.md) to limit the number of requests.

You only pay for those requests to an API gateway that were checked and not blocked. There is a separate fee for using the security profile as per the [Yandex Smart Web Security pricing policy](../../../smartwebsecurity/pricing.md).

## Supported parameters {#parameters}

The table below lists the parameters specific to API Gateway API gateways. You can find the description of other parameters in the [OpenAPI 3.0 specification](https://github.com/OAI/OpenAPI-Specification).

Parameter | Type | Description 
----|----|----
`securityProfileId` | `string` | Smart Web Security [security profile](../../../smartwebsecurity/concepts/profiles.md) ID

## Extension specification {#spec}

Specification example: 

```yaml
openapi: "3.0.0"

x-yc-apigateway:
  smartWebSecurity:
    securityProfileId: fev6q4qqnn2q********

info:
  version: 1.0.0
  title: Protected pet store
  license:
    name: MIT
paths:
  /:
    get:
      x-yc-apigateway-integration:
        type: dummy
        content:
          '*': "This pet store is protected by SWS!"
        http_code: 200
```

## Use cases {#examples}

* [Protecting API Gateway by integrating with Smart Web Security](../../tutorials/api-gw-sws-integration.md)