Validator execution is governed by scenario, not assignment source. The model has no way of "knowing" where the values came from.
Is there a reason you’re not using massive assignment? By assigning them individually your ‘safe’ assignment rules WILL BE IGNORED. Something like $model->attributes = $_GET[‘ClassName’] is preferable to what you’re doing if you can swing it.
In any case, it’s not considered good practice to do resource modification using GET. The GET HTTP method means “retrieve the resource”. If you’re creating or editing a resource try using POST or PUT.
If you’re dealing with developers (and with an API you must be, right?) I would use GET and POST methods to differentiate between getting data and adding new data to the database. Eg:
Others might recommend support for the PUT and DELETE methods, but DELETE is relatively unknown and I don’t think many will care about the POST/PUT distinction.
See also the new Paypal API docs for some good examples.