Make sure you’ve requested Connect API access and set up a key in App Store Connect.
This example expects the relevant environment variables used to create a token to already be set.
Thankfully, this endpoint works whether data protection is already set or not. This means you can call it multiple times with different level values.
set_data_protection(bundle_id: 'com.some.bundle-id', level: 'COMPLETE_PROTECTION')
set_data_protection(bundle_id: 'com.some.bundle-id', level: 'PROTECTED_UNLESS_OPEN')
This is just example code. It could easily be modified to allow disabling data protection.
You could make this much more generic to handle enabling or disabling any capability.
I hope this helps you get past any blocks around data protection or capability settings!