api – Block many wrong requests via PHP

I have an API that requires a security token to run.
Is it possible to use Fail2Ban or ModEvasive to block access from IPs that often try to access the API with an incorrect token?

I use PHP to receive these requests, is it possible with it to inform Fail2Ban or ModEvasive that the user’s IP should be blocked (temporarily), for example, after 10 failed attempts?