# IAM # Permission Groups ## List Account Permission Groups `client.IAM.PermissionGroups.List(ctx, params) (*V4PagePaginationArray[PermissionGroupListResponse], error)` **get** `/accounts/{account_id}/iam/permission_groups` List all the permissions groups for an account. ### Parameters - `params PermissionGroupListParams` - `AccountID param.Field[string]` Path param: Account identifier tag. - `ID param.Field[string]` Query param: ID of the permission group to be fetched. - `Label param.Field[string]` Query param: Label of the permission group to be fetched. - `Name param.Field[string]` Query param: Name of the permission group to be fetched. - `Page param.Field[float64]` Query param: Page number of paginated results. - `PerPage param.Field[float64]` Query param: Maximum number of results per page. ### Returns - `type PermissionGroupListResponse struct{…}` A named group of permissions that map to a group of operations against resources. - `ID string` Identifier of the permission group. - `Meta PermissionGroupListResponseMeta` Attributes associated to the permission group. - `Key string` - `Value string` - `Name string` Name of the permission group. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.IAM.PermissionGroups.List(context.TODO(), iam.PermissionGroupListParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Permission Group Details `client.IAM.PermissionGroups.Get(ctx, permissionGroupID, query) (*PermissionGroupGetResponse, error)` **get** `/accounts/{account_id}/iam/permission_groups/{permission_group_id}` Get information about a specific permission group in an account. ### Parameters - `permissionGroupID string` Permission Group identifier tag. - `query PermissionGroupGetParams` - `AccountID param.Field[string]` Account identifier tag. ### Returns - `type PermissionGroupGetResponse struct{…}` A named group of permissions that map to a group of operations against resources. - `ID string` Identifier of the permission group. - `Meta PermissionGroupGetResponseMeta` Attributes associated to the permission group. - `Key string` - `Value string` - `Name string` Name of the permission group. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) permissionGroup, err := client.IAM.PermissionGroups.Get( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.PermissionGroupGetParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", permissionGroup.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1", "meta": { "key": "key", "value": "value" }, "name": "Load Balancer" } } ``` # Resource Groups ## List Resource Groups `client.IAM.ResourceGroups.List(ctx, params) (*SinglePage[ResourceGroupListResponse], error)` **get** `/accounts/{account_id}/iam/resource_groups` List all the resource groups for an account. ### Parameters - `params ResourceGroupListParams` - `AccountID param.Field[string]` Path param: Account identifier tag. - `ID param.Field[string]` Query param: ID of the resource group to be fetched. - `Name param.Field[string]` Query param: Name of the resource group to be fetched. ### Returns - `type ResourceGroupListResponse struct{…}` A group of scoped resources. - `ID string` Identifier of the resource group. - `Scope []ResourceGroupListResponseScope` The scope associated to the resource group - `Key string` This is a combination of pre-defined resource name and identifier (like Account ID etc.) - `Objects []ResourceGroupListResponseScopeObject` A list of scope objects for additional context. - `Key string` This is a combination of pre-defined resource name and identifier (like Zone ID etc.) - `Meta ResourceGroupListResponseMeta` Attributes associated to the resource group. - `Key string` - `Value string` - `Name string` Name of the resource group. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.IAM.ResourceGroups.List(context.TODO(), iam.ResourceGroupListParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1", "scope": [ { "key": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4", "objects": [ { "key": "com.cloudflare.api.account.zone.23f8d65290b24279ba6f44721b3eaad5" } ] } ], "meta": { "key": "key", "value": "value" }, "name": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4" } ] } ``` ## Resource Group Details `client.IAM.ResourceGroups.Get(ctx, resourceGroupID, query) (*ResourceGroupGetResponse, error)` **get** `/accounts/{account_id}/iam/resource_groups/{resource_group_id}` Get information about a specific resource group in an account. ### Parameters - `resourceGroupID string` Resource Group identifier tag. - `query ResourceGroupGetParams` - `AccountID param.Field[string]` Account identifier tag. ### Returns - `type ResourceGroupGetResponse struct{…}` A group of scoped resources. - `ID string` Identifier of the resource group. - `Scope []ResourceGroupGetResponseScope` The scope associated to the resource group - `Key string` This is a combination of pre-defined resource name and identifier (like Account ID etc.) - `Objects []ResourceGroupGetResponseScopeObject` A list of scope objects for additional context. - `Key string` This is a combination of pre-defined resource name and identifier (like Zone ID etc.) - `Meta ResourceGroupGetResponseMeta` Attributes associated to the resource group. - `Key string` - `Value string` - `Name string` Name of the resource group. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) resourceGroup, err := client.IAM.ResourceGroups.Get( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.ResourceGroupGetParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", resourceGroup.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1", "scope": [ { "key": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4", "objects": [ { "key": "com.cloudflare.api.account.zone.23f8d65290b24279ba6f44721b3eaad5" } ] } ], "meta": { "key": "key", "value": "value" }, "name": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4" } } ``` ## Create Resource Group `client.IAM.ResourceGroups.New(ctx, params) (*ResourceGroupNewResponse, error)` **post** `/accounts/{account_id}/iam/resource_groups` Create a new Resource Group under the specified account. ### Parameters - `params ResourceGroupNewParams` - `AccountID param.Field[string]` Path param: Account identifier tag. - `Name param.Field[string]` Body param: Name of the resource group - `Scope param.Field[ResourceGroupNewParamsScope]` Body param: A scope is a combination of scope objects which provides additional context. - `Key string` This is a combination of pre-defined resource name and identifier (like Account ID etc.) - `Objects []ResourceGroupNewParamsScopeObject` A list of scope objects for additional context. The number of Scope objects should not be zero. - `Key string` This is a combination of pre-defined resource name and identifier (like Zone ID etc.) ### Returns - `type ResourceGroupNewResponse struct{…}` A group of scoped resources. - `ID string` Identifier of the resource group. - `Scope []ResourceGroupNewResponseScope` The scope associated to the resource group - `Key string` This is a combination of pre-defined resource name and identifier (like Account ID etc.) - `Objects []ResourceGroupNewResponseScopeObject` A list of scope objects for additional context. - `Key string` This is a combination of pre-defined resource name and identifier (like Zone ID etc.) - `Meta ResourceGroupNewResponseMeta` Attributes associated to the resource group. - `Key string` - `Value string` - `Name string` Name of the resource group. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) resourceGroup, err := client.IAM.ResourceGroups.New(context.TODO(), iam.ResourceGroupNewParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Name: cloudflare.F("NewResourceGroup"), Scope: cloudflare.F(iam.ResourceGroupNewParamsScope{ Key: cloudflare.F("com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4"), Objects: cloudflare.F([]iam.ResourceGroupNewParamsScopeObject{iam.ResourceGroupNewParamsScopeObject{ Key: cloudflare.F("com.cloudflare.api.account.zone.23f8d65290b24279ba6f44721b3eaad5"), }}), }), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", resourceGroup.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1", "scope": [ { "key": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4", "objects": [ { "key": "com.cloudflare.api.account.zone.23f8d65290b24279ba6f44721b3eaad5" } ] } ], "meta": { "key": "key", "value": "value" }, "name": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4" } } ``` ## Update Resource Group `client.IAM.ResourceGroups.Update(ctx, resourceGroupID, params) (*ResourceGroupUpdateResponse, error)` **put** `/accounts/{account_id}/iam/resource_groups/{resource_group_id}` Modify an existing resource group. ### Parameters - `resourceGroupID string` Resource Group identifier tag. - `params ResourceGroupUpdateParams` - `AccountID param.Field[string]` Path param: Account identifier tag. - `Name param.Field[string]` Body param: Name of the resource group - `Scope param.Field[ResourceGroupUpdateParamsScope]` Body param: A scope is a combination of scope objects which provides additional context. - `Key string` This is a combination of pre-defined resource name and identifier (like Account ID etc.) - `Objects []ResourceGroupUpdateParamsScopeObject` A list of scope objects for additional context. The number of Scope objects should not be zero. - `Key string` This is a combination of pre-defined resource name and identifier (like Zone ID etc.) ### Returns - `type ResourceGroupUpdateResponse struct{…}` A group of scoped resources. - `ID string` Identifier of the resource group. - `Scope []ResourceGroupUpdateResponseScope` The scope associated to the resource group - `Key string` This is a combination of pre-defined resource name and identifier (like Account ID etc.) - `Objects []ResourceGroupUpdateResponseScopeObject` A list of scope objects for additional context. - `Key string` This is a combination of pre-defined resource name and identifier (like Zone ID etc.) - `Meta ResourceGroupUpdateResponseMeta` Attributes associated to the resource group. - `Key string` - `Value string` - `Name string` Name of the resource group. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) resourceGroup, err := client.IAM.ResourceGroups.Update( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.ResourceGroupUpdateParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", resourceGroup.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1", "scope": [ { "key": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4", "objects": [ { "key": "com.cloudflare.api.account.zone.23f8d65290b24279ba6f44721b3eaad5" } ] } ], "meta": { "key": "key", "value": "value" }, "name": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4" } } ``` ## Remove Resource Group `client.IAM.ResourceGroups.Delete(ctx, resourceGroupID, body) (*ResourceGroupDeleteResponse, error)` **delete** `/accounts/{account_id}/iam/resource_groups/{resource_group_id}` Remove a resource group from an account. ### Parameters - `resourceGroupID string` Resource Group identifier tag. - `body ResourceGroupDeleteParams` - `AccountID param.Field[string]` Account identifier tag. ### Returns - `type ResourceGroupDeleteResponse struct{…}` - `ID string` Identifier ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) resourceGroup, err := client.IAM.ResourceGroups.Delete( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.ResourceGroupDeleteParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", resourceGroup.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353" } } ``` # User Groups ## List User Groups `client.IAM.UserGroups.List(ctx, params) (*V4PagePaginationArray[UserGroupListResponse], error)` **get** `/accounts/{account_id}/iam/user_groups` List all the user groups for an account. ### Parameters - `params UserGroupListParams` - `AccountID param.Field[string]` Path param: Account identifier tag. - `ID param.Field[string]` Query param: ID of the user group to be fetched. - `Direction param.Field[string]` Query param: The sort order of returned user groups by name. Default sort order is ascending. To switch to descending, set this parameter to "desc" - `FuzzyName param.Field[string]` Query param: A string used for searching for user groups containing that substring. - `Name param.Field[string]` Query param: Name of the user group to be fetched. - `Page param.Field[float64]` Query param: Page number of paginated results. - `PerPage param.Field[float64]` Query param: Maximum number of results per page. ### Returns - `type UserGroupListResponse struct{…}` A group of policies resources. - `ID string` User Group identifier tag. - `CreatedOn Time` Timestamp for the creation of the user group - `ModifiedOn Time` Last time the user group was modified. - `Name string` Name of the user group. - `Policies []UserGroupListResponsePolicy` Policies attached to the User group - `ID string` Policy identifier. - `Access UserGroupListResponsePoliciesAccess` Allow or deny operations against the resources. - `const UserGroupListResponsePoliciesAccessAllow UserGroupListResponsePoliciesAccess = "allow"` - `const UserGroupListResponsePoliciesAccessDeny UserGroupListResponsePoliciesAccess = "deny"` - `PermissionGroups []UserGroupListResponsePoliciesPermissionGroup` A set of permission groups that are specified to the policy. - `ID string` Identifier of the permission group. - `Meta UserGroupListResponsePoliciesPermissionGroupsMeta` Attributes associated to the permission group. - `Key string` - `Value string` - `Name string` Name of the permission group. - `ResourceGroups []UserGroupListResponsePoliciesResourceGroup` A list of resource groups that the policy applies to. - `ID string` Identifier of the resource group. - `Scope []UserGroupListResponsePoliciesResourceGroupsScope` The scope associated to the resource group - `Key string` This is a combination of pre-defined resource name and identifier (like Account ID etc.) - `Objects []UserGroupListResponsePoliciesResourceGroupsScopeObject` A list of scope objects for additional context. - `Key string` This is a combination of pre-defined resource name and identifier (like Zone ID etc.) - `Meta UserGroupListResponsePoliciesResourceGroupsMeta` Attributes associated to the resource group. - `Key string` - `Value string` - `Name string` Name of the resource group. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"), option.WithAPIEmail("user@example.com"), ) page, err := client.IAM.UserGroups.List(context.TODO(), iam.UserGroupListParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2024-03-01T12:21:02.0000Z", "modified_on": "2024-03-01T12:21:02.0000Z", "name": "My New User Group", "policies": [ { "id": "f267e341f3dd4697bd3b9f71dd96247f", "access": "allow", "permission_groups": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "resource_groups": [ { "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1", "scope": [ { "key": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4", "objects": [ { "key": "com.cloudflare.api.account.zone.23f8d65290b24279ba6f44721b3eaad5" } ] } ], "meta": { "key": "key", "value": "value" }, "name": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4" } ] } ] } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## User Group Details `client.IAM.UserGroups.Get(ctx, userGroupID, query) (*UserGroupGetResponse, error)` **get** `/accounts/{account_id}/iam/user_groups/{user_group_id}` Get information about a specific user group in an account. ### Parameters - `userGroupID string` User Group identifier tag. - `query UserGroupGetParams` - `AccountID param.Field[string]` Account identifier tag. ### Returns - `type UserGroupGetResponse struct{…}` A group of policies resources. - `ID string` User Group identifier tag. - `CreatedOn Time` Timestamp for the creation of the user group - `ModifiedOn Time` Last time the user group was modified. - `Name string` Name of the user group. - `Policies []UserGroupGetResponsePolicy` Policies attached to the User group - `ID string` Policy identifier. - `Access UserGroupGetResponsePoliciesAccess` Allow or deny operations against the resources. - `const UserGroupGetResponsePoliciesAccessAllow UserGroupGetResponsePoliciesAccess = "allow"` - `const UserGroupGetResponsePoliciesAccessDeny UserGroupGetResponsePoliciesAccess = "deny"` - `PermissionGroups []UserGroupGetResponsePoliciesPermissionGroup` A set of permission groups that are specified to the policy. - `ID string` Identifier of the permission group. - `Meta UserGroupGetResponsePoliciesPermissionGroupsMeta` Attributes associated to the permission group. - `Key string` - `Value string` - `Name string` Name of the permission group. - `ResourceGroups []UserGroupGetResponsePoliciesResourceGroup` A list of resource groups that the policy applies to. - `ID string` Identifier of the resource group. - `Scope []UserGroupGetResponsePoliciesResourceGroupsScope` The scope associated to the resource group - `Key string` This is a combination of pre-defined resource name and identifier (like Account ID etc.) - `Objects []UserGroupGetResponsePoliciesResourceGroupsScopeObject` A list of scope objects for additional context. - `Key string` This is a combination of pre-defined resource name and identifier (like Zone ID etc.) - `Meta UserGroupGetResponsePoliciesResourceGroupsMeta` Attributes associated to the resource group. - `Key string` - `Value string` - `Name string` Name of the resource group. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"), option.WithAPIEmail("user@example.com"), ) userGroup, err := client.IAM.UserGroups.Get( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.UserGroupGetParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", userGroup.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2024-03-01T12:21:02.0000Z", "modified_on": "2024-03-01T12:21:02.0000Z", "name": "My New User Group", "policies": [ { "id": "f267e341f3dd4697bd3b9f71dd96247f", "access": "allow", "permission_groups": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "resource_groups": [ { "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1", "scope": [ { "key": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4", "objects": [ { "key": "com.cloudflare.api.account.zone.23f8d65290b24279ba6f44721b3eaad5" } ] } ], "meta": { "key": "key", "value": "value" }, "name": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4" } ] } ] } } ``` ## Create User Group `client.IAM.UserGroups.New(ctx, params) (*UserGroupNewResponse, error)` **post** `/accounts/{account_id}/iam/user_groups` Create a new user group under the specified account. ### Parameters - `params UserGroupNewParams` - `AccountID param.Field[string]` Path param: Account identifier tag. - `Name param.Field[string]` Body param: Name of the User group. - `Policies param.Field[[]UserGroupNewParamsPolicy]` Body param: Policies attached to the User group - `Access UserGroupNewParamsPoliciesAccess` Allow or deny operations against the resources. - `const UserGroupNewParamsPoliciesAccessAllow UserGroupNewParamsPoliciesAccess = "allow"` - `const UserGroupNewParamsPoliciesAccessDeny UserGroupNewParamsPoliciesAccess = "deny"` - `PermissionGroups []UserGroupNewParamsPoliciesPermissionGroup` A set of permission groups that are specified to the policy. - `ID string` Permission Group identifier tag. - `ResourceGroups []UserGroupNewParamsPoliciesResourceGroup` A set of resource groups that are specified to the policy. - `ID string` Resource Group identifier tag. ### Returns - `type UserGroupNewResponse struct{…}` A group of policies resources. - `ID string` User Group identifier tag. - `CreatedOn Time` Timestamp for the creation of the user group - `ModifiedOn Time` Last time the user group was modified. - `Name string` Name of the user group. - `Policies []UserGroupNewResponsePolicy` Policies attached to the User group - `ID string` Policy identifier. - `Access UserGroupNewResponsePoliciesAccess` Allow or deny operations against the resources. - `const UserGroupNewResponsePoliciesAccessAllow UserGroupNewResponsePoliciesAccess = "allow"` - `const UserGroupNewResponsePoliciesAccessDeny UserGroupNewResponsePoliciesAccess = "deny"` - `PermissionGroups []UserGroupNewResponsePoliciesPermissionGroup` A set of permission groups that are specified to the policy. - `ID string` Identifier of the permission group. - `Meta UserGroupNewResponsePoliciesPermissionGroupsMeta` Attributes associated to the permission group. - `Key string` - `Value string` - `Name string` Name of the permission group. - `ResourceGroups []UserGroupNewResponsePoliciesResourceGroup` A list of resource groups that the policy applies to. - `ID string` Identifier of the resource group. - `Scope []UserGroupNewResponsePoliciesResourceGroupsScope` The scope associated to the resource group - `Key string` This is a combination of pre-defined resource name and identifier (like Account ID etc.) - `Objects []UserGroupNewResponsePoliciesResourceGroupsScopeObject` A list of scope objects for additional context. - `Key string` This is a combination of pre-defined resource name and identifier (like Zone ID etc.) - `Meta UserGroupNewResponsePoliciesResourceGroupsMeta` Attributes associated to the resource group. - `Key string` - `Value string` - `Name string` Name of the resource group. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"), option.WithAPIEmail("user@example.com"), ) userGroup, err := client.IAM.UserGroups.New(context.TODO(), iam.UserGroupNewParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Name: cloudflare.F("My New User Group"), Policies: cloudflare.F([]iam.UserGroupNewParamsPolicy{iam.UserGroupNewParamsPolicy{ Access: cloudflare.F(iam.UserGroupNewParamsPoliciesAccessAllow), PermissionGroups: cloudflare.F([]iam.UserGroupNewParamsPoliciesPermissionGroup{iam.UserGroupNewParamsPoliciesPermissionGroup{ ID: cloudflare.F("c8fed203ed3043cba015a93ad1616f1f"), }, iam.UserGroupNewParamsPoliciesPermissionGroup{ ID: cloudflare.F("82e64a83756745bbbb1c9c2701bf816b"), }}), ResourceGroups: cloudflare.F([]iam.UserGroupNewParamsPoliciesResourceGroup{iam.UserGroupNewParamsPoliciesResourceGroup{ ID: cloudflare.F("6d7f2f5f5b1d4a0e9081fdc98d432fd1"), }}), }}), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", userGroup.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2024-03-01T12:21:02.0000Z", "modified_on": "2024-03-01T12:21:02.0000Z", "name": "My New User Group", "policies": [ { "id": "f267e341f3dd4697bd3b9f71dd96247f", "access": "allow", "permission_groups": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "resource_groups": [ { "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1", "scope": [ { "key": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4", "objects": [ { "key": "com.cloudflare.api.account.zone.23f8d65290b24279ba6f44721b3eaad5" } ] } ], "meta": { "key": "key", "value": "value" }, "name": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4" } ] } ] } } ``` ## Update User Group `client.IAM.UserGroups.Update(ctx, userGroupID, params) (*UserGroupUpdateResponse, error)` **put** `/accounts/{account_id}/iam/user_groups/{user_group_id}` Modify an existing user group. ### Parameters - `userGroupID string` User Group identifier tag. - `params UserGroupUpdateParams` - `AccountID param.Field[string]` Path param: Account identifier tag. - `Name param.Field[string]` Body param: Name of the User group. - `Policies param.Field[[]UserGroupUpdateParamsPolicy]` Body param: Policies attached to the User group - `ID string` Policy identifier. - `Access UserGroupUpdateParamsPoliciesAccess` Allow or deny operations against the resources. - `const UserGroupUpdateParamsPoliciesAccessAllow UserGroupUpdateParamsPoliciesAccess = "allow"` - `const UserGroupUpdateParamsPoliciesAccessDeny UserGroupUpdateParamsPoliciesAccess = "deny"` - `PermissionGroups []UserGroupUpdateParamsPoliciesPermissionGroup` A set of permission groups that are specified to the policy. - `ID string` Permission Group identifier tag. - `ResourceGroups []UserGroupUpdateParamsPoliciesResourceGroup` A set of resource groups that are specified to the policy. - `ID string` Resource Group identifier tag. ### Returns - `type UserGroupUpdateResponse struct{…}` A group of policies resources. - `ID string` User Group identifier tag. - `CreatedOn Time` Timestamp for the creation of the user group - `ModifiedOn Time` Last time the user group was modified. - `Name string` Name of the user group. - `Policies []UserGroupUpdateResponsePolicy` Policies attached to the User group - `ID string` Policy identifier. - `Access UserGroupUpdateResponsePoliciesAccess` Allow or deny operations against the resources. - `const UserGroupUpdateResponsePoliciesAccessAllow UserGroupUpdateResponsePoliciesAccess = "allow"` - `const UserGroupUpdateResponsePoliciesAccessDeny UserGroupUpdateResponsePoliciesAccess = "deny"` - `PermissionGroups []UserGroupUpdateResponsePoliciesPermissionGroup` A set of permission groups that are specified to the policy. - `ID string` Identifier of the permission group. - `Meta UserGroupUpdateResponsePoliciesPermissionGroupsMeta` Attributes associated to the permission group. - `Key string` - `Value string` - `Name string` Name of the permission group. - `ResourceGroups []UserGroupUpdateResponsePoliciesResourceGroup` A list of resource groups that the policy applies to. - `ID string` Identifier of the resource group. - `Scope []UserGroupUpdateResponsePoliciesResourceGroupsScope` The scope associated to the resource group - `Key string` This is a combination of pre-defined resource name and identifier (like Account ID etc.) - `Objects []UserGroupUpdateResponsePoliciesResourceGroupsScopeObject` A list of scope objects for additional context. - `Key string` This is a combination of pre-defined resource name and identifier (like Zone ID etc.) - `Meta UserGroupUpdateResponsePoliciesResourceGroupsMeta` Attributes associated to the resource group. - `Key string` - `Value string` - `Name string` Name of the resource group. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"), option.WithAPIEmail("user@example.com"), ) userGroup, err := client.IAM.UserGroups.Update( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.UserGroupUpdateParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", userGroup.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2024-03-01T12:21:02.0000Z", "modified_on": "2024-03-01T12:21:02.0000Z", "name": "My New User Group", "policies": [ { "id": "f267e341f3dd4697bd3b9f71dd96247f", "access": "allow", "permission_groups": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "resource_groups": [ { "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1", "scope": [ { "key": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4", "objects": [ { "key": "com.cloudflare.api.account.zone.23f8d65290b24279ba6f44721b3eaad5" } ] } ], "meta": { "key": "key", "value": "value" }, "name": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4" } ] } ] } } ``` ## Remove User Group `client.IAM.UserGroups.Delete(ctx, userGroupID, body) (*UserGroupDeleteResponse, error)` **delete** `/accounts/{account_id}/iam/user_groups/{user_group_id}` Remove a user group from an account. ### Parameters - `userGroupID string` User Group identifier tag. - `body UserGroupDeleteParams` - `AccountID param.Field[string]` Account identifier tag. ### Returns - `type UserGroupDeleteResponse struct{…}` - `ID string` Identifier ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"), option.WithAPIEmail("user@example.com"), ) userGroup, err := client.IAM.UserGroups.Delete( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.UserGroupDeleteParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", userGroup.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353" } } ``` # Members ## List User Group Members `client.IAM.UserGroups.Members.List(ctx, userGroupID, params) (*V4PagePaginationArray[UserGroupMemberListResponse], error)` **get** `/accounts/{account_id}/iam/user_groups/{user_group_id}/members` List all the members attached to a user group. ### Parameters - `userGroupID string` User Group identifier tag. - `params UserGroupMemberListParams` - `AccountID param.Field[string]` Path param: Account identifier tag. - `Page param.Field[float64]` Query param: Page number of paginated results. - `PerPage param.Field[float64]` Query param: Maximum number of results per page. ### Returns - `type UserGroupMemberListResponse struct{…}` Member attached to a User Group. - `ID string` Account member identifier. - `Email string` The contact email address of the user. - `Status UserGroupMemberListResponseStatus` The member's status in the account. - `const UserGroupMemberListResponseStatusAccepted UserGroupMemberListResponseStatus = "accepted"` - `const UserGroupMemberListResponseStatusPending UserGroupMemberListResponseStatus = "pending"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"), option.WithAPIEmail("user@example.com"), ) page, err := client.IAM.UserGroups.Members.List( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.UserGroupMemberListParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "4f5f0c14a2a41d5063dd301b2f829f04", "email": "user@example.com", "status": "accepted" } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Add User Group Members `client.IAM.UserGroups.Members.New(ctx, userGroupID, params) (*UserGroupMemberNewResponse, error)` **post** `/accounts/{account_id}/iam/user_groups/{user_group_id}/members` Add members to a User Group. ### Parameters - `userGroupID string` User Group identifier tag. - `params UserGroupMemberNewParams` - `AccountID param.Field[string]` Path param: Account identifier tag. - `Body param.Field[[]UserGroupMemberNewParamsBody]` Body param - `ID string` The identifier of an existing account Member. ### Returns - `type UserGroupMemberNewResponse struct{…}` Member attached to a User Group. - `ID string` Account member identifier. - `Email string` The contact email address of the user. - `Status UserGroupMemberNewResponseStatus` The member's status in the account. - `const UserGroupMemberNewResponseStatusAccepted UserGroupMemberNewResponseStatus = "accepted"` - `const UserGroupMemberNewResponseStatusPending UserGroupMemberNewResponseStatus = "pending"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"), option.WithAPIEmail("user@example.com"), ) member, err := client.IAM.UserGroups.Members.New( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.UserGroupMemberNewParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Body: []iam.UserGroupMemberNewParamsBody{iam.UserGroupMemberNewParamsBody{ ID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }}, }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", member.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "4f5f0c14a2a41d5063dd301b2f829f04", "email": "user@example.com", "status": "accepted" } } ``` ## Update User Group Members `client.IAM.UserGroups.Members.Update(ctx, userGroupID, params) (*SinglePage[UserGroupMemberUpdateResponse], error)` **put** `/accounts/{account_id}/iam/user_groups/{user_group_id}/members` Replace the set of members attached to a User Group. ### Parameters - `userGroupID string` User Group identifier tag. - `params UserGroupMemberUpdateParams` - `AccountID param.Field[string]` Path param: Account identifier tag. - `Body param.Field[[]UserGroupMemberUpdateParamsBody]` Body param: Set/Replace members to a user group. - `ID string` The identifier of an existing account Member. ### Returns - `type UserGroupMemberUpdateResponse struct{…}` Member attached to a User Group. - `ID string` Account member identifier. - `Email string` The contact email address of the user. - `Status UserGroupMemberUpdateResponseStatus` The member's status in the account. - `const UserGroupMemberUpdateResponseStatusAccepted UserGroupMemberUpdateResponseStatus = "accepted"` - `const UserGroupMemberUpdateResponseStatusPending UserGroupMemberUpdateResponseStatus = "pending"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"), option.WithAPIEmail("user@example.com"), ) page, err := client.IAM.UserGroups.Members.Update( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.UserGroupMemberUpdateParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Body: []iam.UserGroupMemberUpdateParamsBody{iam.UserGroupMemberUpdateParamsBody{ ID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }}, }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "4f5f0c14a2a41d5063dd301b2f829f04", "email": "user@example.com", "status": "accepted" } ] } ``` ## Remove User Group Member `client.IAM.UserGroups.Members.Delete(ctx, userGroupID, memberID, body) (*UserGroupMemberDeleteResponse, error)` **delete** `/accounts/{account_id}/iam/user_groups/{user_group_id}/members/{member_id}` Remove a member from User Group ### Parameters - `userGroupID string` User Group identifier tag. - `memberID string` The identifier of an existing account Member. - `body UserGroupMemberDeleteParams` - `AccountID param.Field[string]` Account identifier tag. ### Returns - `type UserGroupMemberDeleteResponse struct{…}` Member attached to a User Group. - `ID string` Account member identifier. - `Email string` The contact email address of the user. - `Status UserGroupMemberDeleteResponseStatus` The member's status in the account. - `const UserGroupMemberDeleteResponseStatusAccepted UserGroupMemberDeleteResponseStatus = "accepted"` - `const UserGroupMemberDeleteResponseStatusPending UserGroupMemberDeleteResponseStatus = "pending"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"), option.WithAPIEmail("user@example.com"), ) member, err := client.IAM.UserGroups.Members.Delete( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", "023e105f4ecef8ad9ca31a8372d0c353", iam.UserGroupMemberDeleteParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", member.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "4f5f0c14a2a41d5063dd301b2f829f04", "email": "user@example.com", "status": "accepted" } } ``` # SSO ## Get all SSO connectors `client.IAM.SSO.List(ctx, query) (*SinglePage[SSOListResponse], error)` **get** `/accounts/{account_id}/sso_connectors` Get all SSO connectors ### Parameters - `query SSOListParams` - `AccountID param.Field[string]` Account identifier tag. ### Returns - `type SSOListResponse struct{…}` - `ID string` SSO Connector identifier tag. - `CreatedOn Time` Timestamp for the creation of the SSO connector - `EmailDomain string` - `Enabled bool` - `UpdatedOn Time` Timestamp for the last update of the SSO connector - `UseFedrampLanguage bool` Controls the display of FedRAMP language to the user during SSO login - `Verification SSOListResponseVerification` - `Code string` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `Status SSOListResponseVerificationStatus` The status of the verification code from the verification process. - `const SSOListResponseVerificationStatusAwaiting SSOListResponseVerificationStatus = "awaiting"` - `const SSOListResponseVerificationStatusPending SSOListResponseVerificationStatus = "pending"` - `const SSOListResponseVerificationStatusFailed SSOListResponseVerificationStatus = "failed"` - `const SSOListResponseVerificationStatusVerified SSOListResponseVerificationStatus = "verified"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.IAM.SSO.List(context.TODO(), iam.SSOListParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2025-01-01T12:21:02.0000Z", "email_domain": "example.com", "enabled": false, "updated_on": "2025-01-01T12:21:02.0000Z", "use_fedramp_language": false, "verification": { "code": "cloudflare_dashboard_sso=023e105f4ecef8ad9ca31a8372d0c353", "status": "pending" } } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Get single SSO connector `client.IAM.SSO.Get(ctx, ssoConnectorID, query) (*SSOGetResponse, error)` **get** `/accounts/{account_id}/sso_connectors/{sso_connector_id}` Get single SSO connector ### Parameters - `ssoConnectorID string` SSO Connector identifier tag. - `query SSOGetParams` - `AccountID param.Field[string]` Account identifier tag. ### Returns - `type SSOGetResponse struct{…}` - `ID string` SSO Connector identifier tag. - `CreatedOn Time` Timestamp for the creation of the SSO connector - `EmailDomain string` - `Enabled bool` - `UpdatedOn Time` Timestamp for the last update of the SSO connector - `UseFedrampLanguage bool` Controls the display of FedRAMP language to the user during SSO login - `Verification SSOGetResponseVerification` - `Code string` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `Status SSOGetResponseVerificationStatus` The status of the verification code from the verification process. - `const SSOGetResponseVerificationStatusAwaiting SSOGetResponseVerificationStatus = "awaiting"` - `const SSOGetResponseVerificationStatusPending SSOGetResponseVerificationStatus = "pending"` - `const SSOGetResponseVerificationStatusFailed SSOGetResponseVerificationStatus = "failed"` - `const SSOGetResponseVerificationStatusVerified SSOGetResponseVerificationStatus = "verified"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) sso, err := client.IAM.SSO.Get( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.SSOGetParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", sso.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2025-01-01T12:21:02.0000Z", "email_domain": "example.com", "enabled": false, "updated_on": "2025-01-01T12:21:02.0000Z", "use_fedramp_language": false, "verification": { "code": "cloudflare_dashboard_sso=023e105f4ecef8ad9ca31a8372d0c353", "status": "pending" } } } ``` ## Initialize new SSO connector `client.IAM.SSO.New(ctx, params) (*SSONewResponse, error)` **post** `/accounts/{account_id}/sso_connectors` Initialize new SSO connector ### Parameters - `params SSONewParams` - `AccountID param.Field[string]` Path param: Account identifier tag. - `EmailDomain param.Field[string]` Body param: Email domain of the new SSO connector - `BeginVerification param.Field[bool]` Body param: Begin the verification process after creation - `UseFedrampLanguage param.Field[bool]` Body param: Controls the display of FedRAMP language to the user during SSO login ### Returns - `type SSONewResponse struct{…}` - `ID string` SSO Connector identifier tag. - `CreatedOn Time` Timestamp for the creation of the SSO connector - `EmailDomain string` - `Enabled bool` - `UpdatedOn Time` Timestamp for the last update of the SSO connector - `UseFedrampLanguage bool` Controls the display of FedRAMP language to the user during SSO login - `Verification SSONewResponseVerification` - `Code string` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `Status SSONewResponseVerificationStatus` The status of the verification code from the verification process. - `const SSONewResponseVerificationStatusAwaiting SSONewResponseVerificationStatus = "awaiting"` - `const SSONewResponseVerificationStatusPending SSONewResponseVerificationStatus = "pending"` - `const SSONewResponseVerificationStatusFailed SSONewResponseVerificationStatus = "failed"` - `const SSONewResponseVerificationStatusVerified SSONewResponseVerificationStatus = "verified"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) sso, err := client.IAM.SSO.New(context.TODO(), iam.SSONewParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), EmailDomain: cloudflare.F("example.com"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", sso.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2025-01-01T12:21:02.0000Z", "email_domain": "example.com", "enabled": false, "updated_on": "2025-01-01T12:21:02.0000Z", "use_fedramp_language": false, "verification": { "code": "cloudflare_dashboard_sso=023e105f4ecef8ad9ca31a8372d0c353", "status": "pending" } } } ``` ## Update SSO connector state `client.IAM.SSO.Update(ctx, ssoConnectorID, params) (*SSOUpdateResponse, error)` **patch** `/accounts/{account_id}/sso_connectors/{sso_connector_id}` Update SSO connector state ### Parameters - `ssoConnectorID string` SSO Connector identifier tag. - `params SSOUpdateParams` - `AccountID param.Field[string]` Path param: Account identifier tag. - `Enabled param.Field[bool]` Body param: SSO Connector enabled state - `UseFedrampLanguage param.Field[bool]` Body param: Controls the display of FedRAMP language to the user during SSO login ### Returns - `type SSOUpdateResponse struct{…}` - `ID string` SSO Connector identifier tag. - `CreatedOn Time` Timestamp for the creation of the SSO connector - `EmailDomain string` - `Enabled bool` - `UpdatedOn Time` Timestamp for the last update of the SSO connector - `UseFedrampLanguage bool` Controls the display of FedRAMP language to the user during SSO login - `Verification SSOUpdateResponseVerification` - `Code string` DNS verification code. Add this entire string to the DNS TXT record of the email domain to validate ownership. - `Status SSOUpdateResponseVerificationStatus` The status of the verification code from the verification process. - `const SSOUpdateResponseVerificationStatusAwaiting SSOUpdateResponseVerificationStatus = "awaiting"` - `const SSOUpdateResponseVerificationStatusPending SSOUpdateResponseVerificationStatus = "pending"` - `const SSOUpdateResponseVerificationStatusFailed SSOUpdateResponseVerificationStatus = "failed"` - `const SSOUpdateResponseVerificationStatusVerified SSOUpdateResponseVerificationStatus = "verified"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) sso, err := client.IAM.SSO.Update( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.SSOUpdateParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", sso.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "created_on": "2025-01-01T12:21:02.0000Z", "email_domain": "example.com", "enabled": false, "updated_on": "2025-01-01T12:21:02.0000Z", "use_fedramp_language": false, "verification": { "code": "cloudflare_dashboard_sso=023e105f4ecef8ad9ca31a8372d0c353", "status": "pending" } } } ``` ## Delete SSO connector `client.IAM.SSO.Delete(ctx, ssoConnectorID, body) (*SSODeleteResponse, error)` **delete** `/accounts/{account_id}/sso_connectors/{sso_connector_id}` Delete SSO connector ### Parameters - `ssoConnectorID string` SSO Connector identifier tag. - `body SSODeleteParams` - `AccountID param.Field[string]` Account identifier tag. ### Returns - `type SSODeleteResponse struct{…}` - `ID string` Identifier ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) sso, err := client.IAM.SSO.Delete( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.SSODeleteParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", sso.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353" } } ``` ## Begin SSO connector verification `client.IAM.SSO.BeginVerification(ctx, ssoConnectorID, body) (*SSOBeginVerificationResponse, error)` **post** `/accounts/{account_id}/sso_connectors/{sso_connector_id}/begin_verification` Begin SSO connector verification ### Parameters - `ssoConnectorID string` SSO Connector identifier tag. - `body SSOBeginVerificationParams` - `AccountID param.Field[string]` Account identifier tag. ### Returns - `type SSOBeginVerificationResponse struct{…}` - `Errors []SSOBeginVerificationResponseError` - `Code int64` - `Message string` - `DocumentationURL string` - `Source SSOBeginVerificationResponseErrorsSource` - `Pointer string` - `Messages []SSOBeginVerificationResponseMessage` - `Code int64` - `Message string` - `DocumentationURL string` - `Source SSOBeginVerificationResponseMessagesSource` - `Pointer string` - `Success SSOBeginVerificationResponseSuccess` Whether the API call was successful. - `const SSOBeginVerificationResponseSuccessTrue SSOBeginVerificationResponseSuccess = true` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/iam" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) response, err := client.IAM.SSO.BeginVerification( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", iam.SSOBeginVerificationParams{ AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", response.Errors) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true } ```