# Validating YAML files

When using the [Detection Rules as Code](https://docs.scanner.dev/scanner/using-scanner-complete-feature-reference/detections-and-alerting/detection-rules/detection-rules-as-code) feature, you can use the API to check that your detection rules are valid and the tests pass in Scanner before checking them into Github.

This is an API endpoint designed for use with automated processes; if you just want a fast and easy way to locally validate your detection rules, you probably want the [Scanner CLI](https://docs.scanner.dev/scanner/using-scanner-complete-feature-reference/detections-and-alerting/detection-rules/detection-rules-as-code/cli) instead.

We have the following APIs for validating detection rules and running detection rule tests.

**Note:** this API is for a beta feature, and may be subject to change.

## Validate detection rule

<mark style="color:green;">**`POST`**</mark> `/v1/detection_rule_yaml/validate`

Validate a detection rule YAML.

**Example**

```bash
curl $API_BASE/v1/detection_rule_yaml/validate \
-H "Authorization: Bearer $SCANNER_API_KEY" \
-X POST \
--data-binary @src/some_detection.yaml
```

**Response**

Returns whether the detection rule `is_valid` and any `error` messages. `error` is `null` if the detection rule is valid.

```bash
{
  "is_valid":true,
  "error":null
}
```

## Run detection rule tests

<mark style="color:green;">**`POST`**</mark> `/v1/detection_rule_yaml/run_tests`

Run tests specified in the given detection rule YAML.

**Example**

```bash
curl $API_BASE/v1/detection_rule_yaml/run_tests \
-H "Authorization: Bearer $SCANNER_API_KEY" \
-X POST \
--data-binary @src/some_detection.yaml
```

**Response**

Returns `results`, a map of test names to their corresponding status (passed or failed). `results` is empty if there are no tests found in the given file.

```bash
{
  "results": {
    "Example detection rule": "Passed"
  }
}
```