Token Validation

Token ValidationConfiguration

List token validation configurations

client.TokenValidation.Configuration.List(ctx, params) (*V4PagePaginationArray[TokenConfig], error)

GET/zones/{zone_id}/token_validation/config

Get a single Token Configuration

client.TokenValidation.Configuration.Get(ctx, configID, query) (*TokenConfig, error)

GET/zones/{zone_id}/token_validation/config/{config_id}

Create a new Token Validation configuration

client.TokenValidation.Configuration.New(ctx, params) (*TokenConfig, error)

POST/zones/{zone_id}/token_validation/config

Edit an existing Token Configuration

client.TokenValidation.Configuration.Edit(ctx, configID, params) (*ConfigurationEditResponse, error)

PATCH/zones/{zone_id}/token_validation/config/{config_id}

Delete Token Configuration

client.TokenValidation.Configuration.Delete(ctx, configID, body) (*ConfigurationDeleteResponse, error)

DELETE/zones/{zone_id}/token_validation/config/{config_id}

ModelsExpand Collapse

type TokenConfig struct{…}

ID string

UUID.

maxLength36

minLength36

CreatedAt Time

formatdate-time

Credentials TokenConfigCredentials

Keys []TokenConfigCredentialsKey

One of the following:

type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSA struct{…}

JSON representation of an RSA key.

Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg

Algorithm

One of the following:

const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS256"

const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS384"

const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs512 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS512"

const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS256"

const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS384"

const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs512 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS512"

E string

RSA exponent

Kid string

Key ID

Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKty

Key Type

N string

RSA modulus

type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256 struct{…}

JSON representation of an ES256 key

Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Alg

Algorithm

Crv TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Crv

Curve

Kid string

Key ID

Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Kty

Key Type

X string

X EC coordinate

Y string

Y EC coordinate

type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384 struct{…}

JSON representation of an ES384 key

Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Alg

Algorithm

Crv TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Crv

Curve

Kid string

Key ID

Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Kty

Key Type

X string

X EC coordinate

Y string

Y EC coordinate

Description string

maxLength500

LastUpdated Time

formatdate-time

Title string

maxLength50

TokenSources []string

TokenType TokenConfigTokenType

Token ValidationConfigurationCredentials

Update Token Configuration credentials

client.TokenValidation.Configuration.Credentials.Update(ctx, configID, params) (*ConfigurationCredentialUpdateResponse, error)

PUT/zones/{zone_id}/token_validation/config/{config_id}/credentials

ModelsExpand Collapse

type TokenValidationRule struct{…}

A Token Validation rule that can enforce security policies using JWT Tokens.

Action TokenValidationRuleAction

Action to take on requests that match operations included in selector and fail expression.

One of the following:

const TokenValidationRuleActionLog TokenValidationRuleAction = "log"

const TokenValidationRuleActionBlock TokenValidationRuleAction = "block"

Description string

A human-readable description that gives more details than title.

maxLength500

Enabled bool

Toggle rule on or off.

Expression string

Rule expression. Requests that fail to match this expression will be subject to action.

For details on expressions, see the Cloudflare Docs.

Selector TokenValidationRuleSelector

Select operations covered by this rule.

For details on selectors, see the Cloudflare Docs.

Exclude []TokenValidationRuleSelectorExcludeoptional

Ignore operations that were otherwise included by include.

OperationIDs []stringoptional

Excluded operation IDs.

Include []TokenValidationRuleSelectorIncludeoptional

Select all matching operations.

Host []stringoptional

Included hostnames.

Title string

A human-readable name for the rule.

maxLength50

ID stringoptional

UUID.

maxLength36

minLength36

CreatedAt Timeoptional

formatdate-time

LastUpdated Timeoptional

formatdate-time

Token Validation

Token ValidationConfiguration

List token validation configurations

Get a single Token Configuration

Create a new Token Validation configuration

Edit an existing Token Configuration

Delete Token Configuration

ModelsExpand Collapse

Token ValidationConfigurationCredentials

Update Token Configuration credentials

Token ValidationRules

List token validation rules

Create a token validation rule

Bulk create token validation rules

Bulk edit token validation rules

Get a zone token validation rule

Delete a zone token validation rule

Edit a zone token validation rule

ModelsExpand Collapse