# Token Validation # Configuration ## List token validation configurations `client.TokenValidation.Configuration.List(ctx, params) (*V4PagePaginationArray[TokenConfig], error)` **get** `/zones/{zone_id}/token_validation/config` Lists all token validation configurations for this zone ### Parameters - `params ConfigurationListParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Page param.Field[int64]` Query param: Page number of paginated results. - `PerPage param.Field[int64]` Query param: Maximum number of results per page. ### Returns - `type TokenConfig struct{…}` - `ID string` UUID. - `CreatedAt Time` - `Credentials TokenConfigCredentials` - `Keys []TokenConfigCredentialsKey` - `type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSA struct{…}` JSON representation of an RSA key. - `Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg` Algorithm - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS256"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS384"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs512 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS512"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS256"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS384"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs512 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS512"` - `E string` RSA exponent - `Kid string` Key ID - `Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKty` Key Type - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKtyRSA TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKty = "RSA"` - `N string` RSA modulus - `type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256 struct{…}` JSON representation of an ES256 key - `Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Alg` Algorithm - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256AlgEs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Alg = "ES256"` - `Crv TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Crv` Curve - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256CrvP256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Crv = "P-256"` - `Kid string` Key ID - `Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Kty` Key Type - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256KtyEc TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384 struct{…}` JSON representation of an ES384 key - `Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Alg` Algorithm - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384AlgEs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Alg = "ES384"` - `Crv TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Crv` Curve - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384CrvP384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Crv = "P-384"` - `Kid string` Key ID - `Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Kty` Key Type - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384KtyEc TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `Description string` - `LastUpdated Time` - `Title string` - `TokenSources []string` - `TokenType TokenConfigTokenType` - `const TokenConfigTokenTypeJWT TokenConfigTokenType = "JWT"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.TokenValidation.Configuration.List(context.TODO(), token_validation.ConfigurationListParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "created_at": "2014-01-01T05:20:00.12345Z", "credentials": { "keys": [ { "alg": "ES256", "crv": "P-256", "kid": "38013f13-c266-4eec-a72a-92ec92779f21", "kty": "EC", "x": "KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ", "y": "lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY" } ] }, "description": "Long description for Token Validation Configuration", "last_updated": "2014-01-01T05:20:00.12345Z", "title": "Example Token Validation Configuration", "token_sources": [ "http.request.headers[\"x-auth\"][0]", "http.request.cookies[\"Authorization\"][0]" ], "token_type": "JWT" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Get a single Token Configuration `client.TokenValidation.Configuration.Get(ctx, configID, query) (*TokenConfig, error)` **get** `/zones/{zone_id}/token_validation/config/{config_id}` Get a single Token Configuration ### Parameters - `configID string` UUID. - `query ConfigurationGetParams` - `ZoneID param.Field[string]` Identifier. ### Returns - `type TokenConfig struct{…}` - `ID string` UUID. - `CreatedAt Time` - `Credentials TokenConfigCredentials` - `Keys []TokenConfigCredentialsKey` - `type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSA struct{…}` JSON representation of an RSA key. - `Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg` Algorithm - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS256"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS384"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs512 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS512"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS256"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS384"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs512 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS512"` - `E string` RSA exponent - `Kid string` Key ID - `Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKty` Key Type - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKtyRSA TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKty = "RSA"` - `N string` RSA modulus - `type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256 struct{…}` JSON representation of an ES256 key - `Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Alg` Algorithm - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256AlgEs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Alg = "ES256"` - `Crv TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Crv` Curve - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256CrvP256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Crv = "P-256"` - `Kid string` Key ID - `Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Kty` Key Type - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256KtyEc TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384 struct{…}` JSON representation of an ES384 key - `Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Alg` Algorithm - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384AlgEs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Alg = "ES384"` - `Crv TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Crv` Curve - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384CrvP384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Crv = "P-384"` - `Kid string` Key ID - `Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Kty` Key Type - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384KtyEc TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `Description string` - `LastUpdated Time` - `Title string` - `TokenSources []string` - `TokenType TokenConfigTokenType` - `const TokenConfigTokenTypeJWT TokenConfigTokenType = "JWT"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) tokenConfig, err := client.TokenValidation.Configuration.Get( context.TODO(), "4a7ee8d3-dd63-4ceb-9d5f-c27831854ce7", token_validation.ConfigurationGetParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", tokenConfig.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "created_at": "2014-01-01T05:20:00.12345Z", "credentials": { "keys": [ { "alg": "ES256", "crv": "P-256", "kid": "38013f13-c266-4eec-a72a-92ec92779f21", "kty": "EC", "x": "KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ", "y": "lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY" } ] }, "description": "Long description for Token Validation Configuration", "last_updated": "2014-01-01T05:20:00.12345Z", "title": "Example Token Validation Configuration", "token_sources": [ "http.request.headers[\"x-auth\"][0]", "http.request.cookies[\"Authorization\"][0]" ], "token_type": "JWT" }, "success": true } ``` ## Create a new Token Validation configuration `client.TokenValidation.Configuration.New(ctx, params) (*TokenConfig, error)` **post** `/zones/{zone_id}/token_validation/config` Create a new Token Validation configuration ### Parameters - `params ConfigurationNewParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Credentials param.Field[ConfigurationNewParamsCredentials]` Body param - `Keys []ConfigurationNewParamsCredentialsKey` - `type ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSA struct{…}` JSON representation of an RSA key. - `Alg ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg` Algorithm - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs256 ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS256"` - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs384 ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS384"` - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs512 ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS512"` - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs256 ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS256"` - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs384 ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS384"` - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs512 ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS512"` - `E string` RSA exponent - `Kid string` Key ID - `Kty ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAKty` Key Type - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAKtyRSA ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyRSAKty = "RSA"` - `N string` RSA modulus - `type ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256 struct{…}` JSON representation of an ES256 key - `Alg ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Alg` Algorithm - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256AlgEs256 ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Alg = "ES256"` - `Crv ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Crv` Curve - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256CrvP256 ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Crv = "P-256"` - `Kid string` Key ID - `Kty ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Kty` Key Type - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256KtyEc ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `type ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384 struct{…}` JSON representation of an ES384 key - `Alg ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Alg` Algorithm - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384AlgEs384 ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Alg = "ES384"` - `Crv ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Crv` Curve - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384CrvP384 ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Crv = "P-384"` - `Kid string` Key ID - `Kty ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Kty` Key Type - `const ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384KtyEc ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `Description param.Field[string]` Body param - `Title param.Field[string]` Body param - `TokenSources param.Field[[]string]` Body param - `TokenType param.Field[ConfigurationNewParamsTokenType]` Body param - `const ConfigurationNewParamsTokenTypeJWT ConfigurationNewParamsTokenType = "JWT"` ### Returns - `type TokenConfig struct{…}` - `ID string` UUID. - `CreatedAt Time` - `Credentials TokenConfigCredentials` - `Keys []TokenConfigCredentialsKey` - `type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSA struct{…}` JSON representation of an RSA key. - `Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg` Algorithm - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS256"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS384"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs512 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS512"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS256"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS384"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs512 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS512"` - `E string` RSA exponent - `Kid string` Key ID - `Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKty` Key Type - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKtyRSA TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKty = "RSA"` - `N string` RSA modulus - `type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256 struct{…}` JSON representation of an ES256 key - `Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Alg` Algorithm - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256AlgEs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Alg = "ES256"` - `Crv TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Crv` Curve - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256CrvP256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Crv = "P-256"` - `Kid string` Key ID - `Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Kty` Key Type - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256KtyEc TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384 struct{…}` JSON representation of an ES384 key - `Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Alg` Algorithm - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384AlgEs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Alg = "ES384"` - `Crv TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Crv` Curve - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384CrvP384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Crv = "P-384"` - `Kid string` Key ID - `Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Kty` Key Type - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384KtyEc TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `Description string` - `LastUpdated Time` - `Title string` - `TokenSources []string` - `TokenType TokenConfigTokenType` - `const TokenConfigTokenTypeJWT TokenConfigTokenType = "JWT"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) tokenConfig, err := client.TokenValidation.Configuration.New(context.TODO(), token_validation.ConfigurationNewParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Credentials: cloudflare.F(token_validation.ConfigurationNewParamsCredentials{ Keys: cloudflare.F([]token_validation.ConfigurationNewParamsCredentialsKeyUnion{token_validation.ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256{ Alg: cloudflare.F(token_validation.ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256AlgEs256), Crv: cloudflare.F(token_validation.ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256CrvP256), Kid: cloudflare.F("38013f13-c266-4eec-a72a-92ec92779f21"), Kty: cloudflare.F(token_validation.ConfigurationNewParamsCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256KtyEc), X: cloudflare.F("KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ"), Y: cloudflare.F("lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY"), }}), }), Description: cloudflare.F("Long description for Token Validation Configuration"), Title: cloudflare.F("Example Token Validation Configuration"), TokenSources: cloudflare.F([]string{`http.request.headers["x-auth"][0]`, `http.request.cookies["Authorization"][0]`}), TokenType: cloudflare.F(token_validation.ConfigurationNewParamsTokenTypeJWT), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", tokenConfig.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "created_at": "2014-01-01T05:20:00.12345Z", "credentials": { "keys": [ { "alg": "ES256", "crv": "P-256", "kid": "38013f13-c266-4eec-a72a-92ec92779f21", "kty": "EC", "x": "KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ", "y": "lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY" } ] }, "description": "Long description for Token Validation Configuration", "last_updated": "2014-01-01T05:20:00.12345Z", "title": "Example Token Validation Configuration", "token_sources": [ "http.request.headers[\"x-auth\"][0]", "http.request.cookies[\"Authorization\"][0]" ], "token_type": "JWT" }, "success": true } ``` ## Edit an existing Token Configuration `client.TokenValidation.Configuration.Edit(ctx, configID, params) (*ConfigurationEditResponse, error)` **patch** `/zones/{zone_id}/token_validation/config/{config_id}` Edit fields of an existing Token Configuration ### Parameters - `configID string` UUID. - `params ConfigurationEditParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Description param.Field[string]` Body param - `Title param.Field[string]` Body param - `TokenSources param.Field[[]string]` Body param ### Returns - `type ConfigurationEditResponse struct{…}` - `ID string` UUID. - `Description string` - `Title string` - `TokenSources []string` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) response, err := client.TokenValidation.Configuration.Edit( context.TODO(), "4a7ee8d3-dd63-4ceb-9d5f-c27831854ce7", token_validation.ConfigurationEditParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", response.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "description": "Long description for Token Validation Configuration", "title": "Example Token Validation Configuration", "token_sources": [ "http.request.headers[\"x-auth\"][0]", "http.request.cookies[\"Authorization\"][0]" ] }, "success": true } ``` ## Delete Token Configuration `client.TokenValidation.Configuration.Delete(ctx, configID, body) (*ConfigurationDeleteResponse, error)` **delete** `/zones/{zone_id}/token_validation/config/{config_id}` Delete Token Configuration ### Parameters - `configID string` UUID. - `body ConfigurationDeleteParams` - `ZoneID param.Field[string]` Identifier. ### Returns - `type ConfigurationDeleteResponse struct{…}` - `ID string` UUID. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) configuration, err := client.TokenValidation.Configuration.Delete( context.TODO(), "4a7ee8d3-dd63-4ceb-9d5f-c27831854ce7", token_validation.ConfigurationDeleteParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", configuration.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415" }, "success": true } ``` ## Domain Types ### Token Config - `type TokenConfig struct{…}` - `ID string` UUID. - `CreatedAt Time` - `Credentials TokenConfigCredentials` - `Keys []TokenConfigCredentialsKey` - `type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSA struct{…}` JSON representation of an RSA key. - `Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg` Algorithm - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS256"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS384"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs512 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS512"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS256"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS384"` - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs512 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS512"` - `E string` RSA exponent - `Kid string` Key ID - `Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKty` Key Type - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKtyRSA TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKty = "RSA"` - `N string` RSA modulus - `type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256 struct{…}` JSON representation of an ES256 key - `Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Alg` Algorithm - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256AlgEs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Alg = "ES256"` - `Crv TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Crv` Curve - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256CrvP256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Crv = "P-256"` - `Kid string` Key ID - `Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Kty` Key Type - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256KtyEc TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384 struct{…}` JSON representation of an ES384 key - `Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Alg` Algorithm - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384AlgEs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Alg = "ES384"` - `Crv TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Crv` Curve - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384CrvP384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Crv = "P-384"` - `Kid string` Key ID - `Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Kty` Key Type - `const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384KtyEc TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `Description string` - `LastUpdated Time` - `Title string` - `TokenSources []string` - `TokenType TokenConfigTokenType` - `const TokenConfigTokenTypeJWT TokenConfigTokenType = "JWT"` # Credentials ## Update Token Configuration credentials `client.TokenValidation.Configuration.Credentials.Update(ctx, configID, params) (*ConfigurationCredentialUpdateResponse, error)` **put** `/zones/{zone_id}/token_validation/config/{config_id}/credentials` Update Token Configuration credentials ### Parameters - `configID string` UUID. - `params ConfigurationCredentialUpdateParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Keys param.Field[[]ConfigurationCredentialUpdateParamsKey]` Body param - `type ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSA struct{…}` JSON representation of an RSA key. - `Alg ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlg` Algorithm - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlgRs256 ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS256"` - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlgRs384 ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS384"` - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlgRs512 ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS512"` - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlgPs256 ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS256"` - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlgPs384 ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS384"` - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlgPs512 ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS512"` - `E string` RSA exponent - `Kid string` Key ID - `Kty ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAKty` Key Type - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAKtyRSA ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyRSAKty = "RSA"` - `N string` RSA modulus - `type ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256 struct{…}` JSON representation of an ES256 key - `Alg ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256Alg` Algorithm - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256AlgEs256 ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256Alg = "ES256"` - `Crv ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256Crv` Curve - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256CrvP256 ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256Crv = "P-256"` - `Kid string` Key ID - `Kty ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256Kty` Key Type - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256KtyEc ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `type ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs384 struct{…}` JSON representation of an ES384 key - `Alg ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs384Alg` Algorithm - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs384AlgEs384 ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs384Alg = "ES384"` - `Crv ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs384Crv` Curve - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs384CrvP384 ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs384Crv = "P-384"` - `Kid string` Key ID - `Kty ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs384Kty` Key Type - `const ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs384KtyEc ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs384Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate ### Returns - `type ConfigurationCredentialUpdateResponse struct{…}` - `Errors Message` - `Code int64` - `Message string` - `DocumentationURL string` - `Source MessageItemSource` - `Pointer string` - `Keys []ConfigurationCredentialUpdateResponseKey` - `type ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSA struct{…}` JSON representation of an RSA key. - `Alg ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlg` Algorithm - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlgRs256 ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS256"` - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlgRs384 ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS384"` - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlgRs512 ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS512"` - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlgPs256 ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS256"` - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlgPs384 ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS384"` - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlgPs512 ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS512"` - `E string` RSA exponent - `Kid string` Key ID - `Kty ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAKty` Key Type - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAKtyRSA ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyRSAKty = "RSA"` - `N string` RSA modulus - `type ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs256 struct{…}` JSON representation of an ES256 key - `Alg ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs256Alg` Algorithm - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs256AlgEs256 ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs256Alg = "ES256"` - `Crv ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs256Crv` Curve - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs256CrvP256 ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs256Crv = "P-256"` - `Kid string` Key ID - `Kty ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs256Kty` Key Type - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs256KtyEc ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs256Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `type ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs384 struct{…}` JSON representation of an ES384 key - `Alg ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs384Alg` Algorithm - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs384AlgEs384 ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs384Alg = "ES384"` - `Crv ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs384Crv` Curve - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs384CrvP384 ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs384Crv = "P-384"` - `Kid string` Key ID - `Kty ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs384Kty` Key Type - `const ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs384KtyEc ConfigurationCredentialUpdateResponseKeysAPIShieldCredentialsJWTKeyEcEs384Kty = "EC"` - `X string` X EC coordinate - `Y string` Y EC coordinate - `Messages Message` - `Success ConfigurationCredentialUpdateResponseSuccess` Whether the API call was successful. - `const ConfigurationCredentialUpdateResponseSuccessTrue ConfigurationCredentialUpdateResponseSuccess = true` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) credential, err := client.TokenValidation.Configuration.Credentials.Update( context.TODO(), "4a7ee8d3-dd63-4ceb-9d5f-c27831854ce7", token_validation.ConfigurationCredentialUpdateParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Keys: cloudflare.F([]token_validation.ConfigurationCredentialUpdateParamsKeyUnion{token_validation.ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256{ Alg: cloudflare.F(token_validation.ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256AlgEs256), Crv: cloudflare.F(token_validation.ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256CrvP256), Kid: cloudflare.F("38013f13-c266-4eec-a72a-92ec92779f21"), Kty: cloudflare.F(token_validation.ConfigurationCredentialUpdateParamsKeysAPIShieldCredentialsJWTKeyEcEs256KtyEc), X: cloudflare.F("KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ"), Y: cloudflare.F("lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY"), }}), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", credential.Errors) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "keys": [ { "alg": "ES256", "crv": "P-256", "kid": "38013f13-c266-4eec-a72a-92ec92779f21", "kty": "EC", "x": "KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ", "y": "lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY" } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true } ``` # Rules ## List token validation rules `client.TokenValidation.Rules.List(ctx, params) (*V4PagePaginationArray[TokenValidationRule], error)` **get** `/zones/{zone_id}/token_validation/rules` List token validation rules ### Parameters - `params RuleListParams` - `ZoneID param.Field[string]` Path param: Identifier. - `ID param.Field[string]` Query param: Select rules with these IDs. - `Action param.Field[RuleListParamsAction]` Query param: Action to take on requests that match operations included in `selector` and fail `expression`. - `const RuleListParamsActionLog RuleListParamsAction = "log"` - `const RuleListParamsActionBlock RuleListParamsAction = "block"` - `Enabled param.Field[bool]` Query param: Toggle rule on or off. - `Host param.Field[string]` Query param: Select rules with this host in `include`. - `Hostname param.Field[string]` Query param: Select rules with this host in `include`. - `Page param.Field[int64]` Query param: Page number of paginated results. - `PerPage param.Field[int64]` Query param: Maximum number of results per page. - `RuleID param.Field[string]` Query param: Select rules with these IDs. - `TokenConfiguration param.Field[[]string]` Query param: Select rules using any of these token configurations. ### Returns - `type TokenValidationRule struct{…}` A Token Validation rule that can enforce security policies using JWT Tokens. - `Action TokenValidationRuleAction` Action to take on requests that match operations included in `selector` and fail `expression`. - `const TokenValidationRuleActionLog TokenValidationRuleAction = "log"` - `const TokenValidationRuleActionBlock TokenValidationRuleAction = "block"` - `Description string` A human-readable description that gives more details than `title`. - `Enabled bool` Toggle rule on or off. - `Expression string` Rule expression. Requests that fail to match this expression will be subject to `action`. For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Selector TokenValidationRuleSelector` Select operations covered by this rule. For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Exclude []TokenValidationRuleSelectorExclude` Ignore operations that were otherwise included by `include`. - `OperationIDs []string` Excluded operation IDs. - `Include []TokenValidationRuleSelectorInclude` Select all matching operations. - `Host []string` Included hostnames. - `Title string` A human-readable name for the rule. - `ID string` UUID. - `CreatedAt Time` - `LastUpdated Time` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.TokenValidation.Rules.List(context.TODO(), token_validation.RuleListParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "action": "log", "description": "Long description for Token Validation Rule", "enabled": true, "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")", "selector": { "exclude": [ { "operation_ids": [ "f9c5615e-fe15-48ce-bec6-cfc1946f1bec", "56828eae-035a-4396-ba07-51c66d680a04" ] } ], "include": [ { "host": [ "v1.example.com", "v2.example.com" ] } ] }, "title": "Example Token Validation Rule", "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "created_at": "2014-01-01T05:20:00.12345Z", "last_updated": "2014-01-01T05:20:00.12345Z" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Create a token validation rule `client.TokenValidation.Rules.New(ctx, params) (*TokenValidationRule, error)` **post** `/zones/{zone_id}/token_validation/rules` Create a token validation rule. ### Parameters - `params RuleNewParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Action param.Field[RuleNewParamsAction]` Body param: Action to take on requests that match operations included in `selector` and fail `expression`. - `const RuleNewParamsActionLog RuleNewParamsAction = "log"` - `const RuleNewParamsActionBlock RuleNewParamsAction = "block"` - `Description param.Field[string]` Body param: A human-readable description that gives more details than `title`. - `Enabled param.Field[bool]` Body param: Toggle rule on or off. - `Expression param.Field[string]` Body param: Rule expression. Requests that fail to match this expression will be subject to `action`. For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Selector param.Field[RuleNewParamsSelector]` Body param: Select operations covered by this rule. For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Exclude []RuleNewParamsSelectorExclude` Ignore operations that were otherwise included by `include`. - `OperationIDs []string` Excluded operation IDs. - `Include []RuleNewParamsSelectorInclude` Select all matching operations. - `Host []string` Included hostnames. - `Title param.Field[string]` Body param: A human-readable name for the rule. ### Returns - `type TokenValidationRule struct{…}` A Token Validation rule that can enforce security policies using JWT Tokens. - `Action TokenValidationRuleAction` Action to take on requests that match operations included in `selector` and fail `expression`. - `const TokenValidationRuleActionLog TokenValidationRuleAction = "log"` - `const TokenValidationRuleActionBlock TokenValidationRuleAction = "block"` - `Description string` A human-readable description that gives more details than `title`. - `Enabled bool` Toggle rule on or off. - `Expression string` Rule expression. Requests that fail to match this expression will be subject to `action`. For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Selector TokenValidationRuleSelector` Select operations covered by this rule. For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Exclude []TokenValidationRuleSelectorExclude` Ignore operations that were otherwise included by `include`. - `OperationIDs []string` Excluded operation IDs. - `Include []TokenValidationRuleSelectorInclude` Select all matching operations. - `Host []string` Included hostnames. - `Title string` A human-readable name for the rule. - `ID string` UUID. - `CreatedAt Time` - `LastUpdated Time` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) tokenValidationRule, err := client.TokenValidation.Rules.New(context.TODO(), token_validation.RuleNewParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Action: cloudflare.F(token_validation.RuleNewParamsActionLog), Description: cloudflare.F("Long description for Token Validation Rule"), Enabled: cloudflare.F(true), Expression: cloudflare.F(`is_jwt_valid("52973293-cb04-4a97-8f55-e7d2ad1107dd") or is_jwt_valid("46eab8d1-6376-45e3-968f-2c649d77d423")`), Selector: cloudflare.F(token_validation.RuleNewParamsSelector{ }), Title: cloudflare.F("Example Token Validation Rule"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", tokenValidationRule.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "action": "log", "description": "Long description for Token Validation Rule", "enabled": true, "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")", "selector": { "exclude": [ { "operation_ids": [ "f9c5615e-fe15-48ce-bec6-cfc1946f1bec", "56828eae-035a-4396-ba07-51c66d680a04" ] } ], "include": [ { "host": [ "v1.example.com", "v2.example.com" ] } ] }, "title": "Example Token Validation Rule", "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "created_at": "2014-01-01T05:20:00.12345Z", "last_updated": "2014-01-01T05:20:00.12345Z" }, "success": true } ``` ## Bulk create token validation rules `client.TokenValidation.Rules.BulkNew(ctx, params) (*SinglePage[TokenValidationRule], error)` **post** `/zones/{zone_id}/token_validation/rules/bulk` Create zone token validation rules. A request can create multiple Token Validation Rules. ### Parameters - `params RuleBulkNewParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Body param.Field[[]RuleBulkNewParamsBody]` Body param - `Action RuleBulkNewParamsBodyAction` Action to take on requests that match operations included in `selector` and fail `expression`. - `const RuleBulkNewParamsBodyActionLog RuleBulkNewParamsBodyAction = "log"` - `const RuleBulkNewParamsBodyActionBlock RuleBulkNewParamsBodyAction = "block"` - `Description string` A human-readable description that gives more details than `title`. - `Enabled bool` Toggle rule on or off. - `Expression string` Rule expression. Requests that fail to match this expression will be subject to `action`. For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Selector RuleBulkNewParamsBodySelector` Select operations covered by this rule. For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Exclude []RuleBulkNewParamsBodySelectorExclude` Ignore operations that were otherwise included by `include`. - `OperationIDs []string` Excluded operation IDs. - `Include []RuleBulkNewParamsBodySelectorInclude` Select all matching operations. - `Host []string` Included hostnames. - `Title string` A human-readable name for the rule. ### Returns - `type TokenValidationRule struct{…}` A Token Validation rule that can enforce security policies using JWT Tokens. - `Action TokenValidationRuleAction` Action to take on requests that match operations included in `selector` and fail `expression`. - `const TokenValidationRuleActionLog TokenValidationRuleAction = "log"` - `const TokenValidationRuleActionBlock TokenValidationRuleAction = "block"` - `Description string` A human-readable description that gives more details than `title`. - `Enabled bool` Toggle rule on or off. - `Expression string` Rule expression. Requests that fail to match this expression will be subject to `action`. For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Selector TokenValidationRuleSelector` Select operations covered by this rule. For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Exclude []TokenValidationRuleSelectorExclude` Ignore operations that were otherwise included by `include`. - `OperationIDs []string` Excluded operation IDs. - `Include []TokenValidationRuleSelectorInclude` Select all matching operations. - `Host []string` Included hostnames. - `Title string` A human-readable name for the rule. - `ID string` UUID. - `CreatedAt Time` - `LastUpdated Time` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.TokenValidation.Rules.BulkNew(context.TODO(), token_validation.RuleBulkNewParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Body: []token_validation.RuleBulkNewParamsBody{token_validation.RuleBulkNewParamsBody{ Action: cloudflare.F(token_validation.RuleBulkNewParamsBodyActionLog), Description: cloudflare.F("Long description for Token Validation Rule"), Enabled: cloudflare.F(true), Expression: cloudflare.F(`is_jwt_valid("52973293-cb04-4a97-8f55-e7d2ad1107dd") or is_jwt_valid("46eab8d1-6376-45e3-968f-2c649d77d423")`), Selector: cloudflare.F(token_validation.RuleBulkNewParamsBodySelector{ }), Title: cloudflare.F("Example Token Validation Rule"), }}, }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "action": "log", "description": "Long description for Token Validation Rule", "enabled": true, "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")", "selector": { "exclude": [ { "operation_ids": [ "f9c5615e-fe15-48ce-bec6-cfc1946f1bec", "56828eae-035a-4396-ba07-51c66d680a04" ] } ], "include": [ { "host": [ "v1.example.com", "v2.example.com" ] } ] }, "title": "Example Token Validation Rule", "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "created_at": "2014-01-01T05:20:00.12345Z", "last_updated": "2014-01-01T05:20:00.12345Z" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Bulk edit token validation rules `client.TokenValidation.Rules.BulkEdit(ctx, params) (*SinglePage[TokenValidationRule], error)` **patch** `/zones/{zone_id}/token_validation/rules/bulk` Edit token validation rules. A request can update multiple Token Validation Rules. Rules can be re-ordered using the `position` field. Returns all updated rules. ### Parameters - `params RuleBulkEditParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Body param.Field[[]RuleBulkEditParamsBody]` Body param - `ID string` Rule ID this patch applies to - `Action RuleBulkEditParamsBodyAction` Action to take on requests that match operations included in `selector` and fail `expression`. - `const RuleBulkEditParamsBodyActionLog RuleBulkEditParamsBodyAction = "log"` - `const RuleBulkEditParamsBodyActionBlock RuleBulkEditParamsBodyAction = "block"` - `Description string` A human-readable description that gives more details than `title`. - `Enabled bool` Toggle rule on or off. - `Expression string` Rule expression. Requests that fail to match this expression will be subject to `action`. For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Position RuleBulkEditParamsBodyPosition` Update rule order among zone rules. - `type RuleBulkEditParamsBodyPositionAPIShieldIndex struct{…}` - `Index int64` Move rule to this position - `type RuleBulkEditParamsBodyPositionAPIShieldBefore struct{…}` Move rule to after rule with ID. - `Before string` Move rule to before rule with this ID. - `type RuleBulkEditParamsBodyPositionAPIShieldAfter struct{…}` Move rule to before rule with ID. - `After string` Move rule to after rule with this ID. - `Selector RuleBulkEditParamsBodySelector` Select operations covered by this rule. For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Exclude []RuleBulkEditParamsBodySelectorExclude` Ignore operations that were otherwise included by `include`. - `OperationIDs []string` Excluded operation IDs. - `Include []RuleBulkEditParamsBodySelectorInclude` Select all matching operations. - `Host []string` Included hostnames. - `Title string` A human-readable name for the rule. ### Returns - `type TokenValidationRule struct{…}` A Token Validation rule that can enforce security policies using JWT Tokens. - `Action TokenValidationRuleAction` Action to take on requests that match operations included in `selector` and fail `expression`. - `const TokenValidationRuleActionLog TokenValidationRuleAction = "log"` - `const TokenValidationRuleActionBlock TokenValidationRuleAction = "block"` - `Description string` A human-readable description that gives more details than `title`. - `Enabled bool` Toggle rule on or off. - `Expression string` Rule expression. Requests that fail to match this expression will be subject to `action`. For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Selector TokenValidationRuleSelector` Select operations covered by this rule. For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Exclude []TokenValidationRuleSelectorExclude` Ignore operations that were otherwise included by `include`. - `OperationIDs []string` Excluded operation IDs. - `Include []TokenValidationRuleSelectorInclude` Select all matching operations. - `Host []string` Included hostnames. - `Title string` A human-readable name for the rule. - `ID string` UUID. - `CreatedAt Time` - `LastUpdated Time` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.TokenValidation.Rules.BulkEdit(context.TODO(), token_validation.RuleBulkEditParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Body: []token_validation.RuleBulkEditParamsBody{token_validation.RuleBulkEditParamsBody{ ID: cloudflare.F("0d9bf70c-92e1-4bb3-9411-34a3bcc59003"), }}, }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "action": "log", "description": "Long description for Token Validation Rule", "enabled": true, "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")", "selector": { "exclude": [ { "operation_ids": [ "f9c5615e-fe15-48ce-bec6-cfc1946f1bec", "56828eae-035a-4396-ba07-51c66d680a04" ] } ], "include": [ { "host": [ "v1.example.com", "v2.example.com" ] } ] }, "title": "Example Token Validation Rule", "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "created_at": "2014-01-01T05:20:00.12345Z", "last_updated": "2014-01-01T05:20:00.12345Z" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Get a zone token validation rule `client.TokenValidation.Rules.Get(ctx, ruleID, query) (*TokenValidationRule, error)` **get** `/zones/{zone_id}/token_validation/rules/{rule_id}` Get a zone token validation rule. ### Parameters - `ruleID string` UUID. - `query RuleGetParams` - `ZoneID param.Field[string]` Identifier. ### Returns - `type TokenValidationRule struct{…}` A Token Validation rule that can enforce security policies using JWT Tokens. - `Action TokenValidationRuleAction` Action to take on requests that match operations included in `selector` and fail `expression`. - `const TokenValidationRuleActionLog TokenValidationRuleAction = "log"` - `const TokenValidationRuleActionBlock TokenValidationRuleAction = "block"` - `Description string` A human-readable description that gives more details than `title`. - `Enabled bool` Toggle rule on or off. - `Expression string` Rule expression. Requests that fail to match this expression will be subject to `action`. For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Selector TokenValidationRuleSelector` Select operations covered by this rule. For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Exclude []TokenValidationRuleSelectorExclude` Ignore operations that were otherwise included by `include`. - `OperationIDs []string` Excluded operation IDs. - `Include []TokenValidationRuleSelectorInclude` Select all matching operations. - `Host []string` Included hostnames. - `Title string` A human-readable name for the rule. - `ID string` UUID. - `CreatedAt Time` - `LastUpdated Time` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) tokenValidationRule, err := client.TokenValidation.Rules.Get( context.TODO(), "4a7ee8d3-dd63-4ceb-9d5f-c27831854ce7", token_validation.RuleGetParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", tokenValidationRule.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "action": "log", "description": "Long description for Token Validation Rule", "enabled": true, "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")", "selector": { "exclude": [ { "operation_ids": [ "f9c5615e-fe15-48ce-bec6-cfc1946f1bec", "56828eae-035a-4396-ba07-51c66d680a04" ] } ], "include": [ { "host": [ "v1.example.com", "v2.example.com" ] } ] }, "title": "Example Token Validation Rule", "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "created_at": "2014-01-01T05:20:00.12345Z", "last_updated": "2014-01-01T05:20:00.12345Z" }, "success": true } ``` ## Delete a zone token validation rule `client.TokenValidation.Rules.Delete(ctx, ruleID, body) (*RuleDeleteResponse, error)` **delete** `/zones/{zone_id}/token_validation/rules/{rule_id}` Delete a zone token validation rule. ### Parameters - `ruleID string` UUID. - `body RuleDeleteParams` - `ZoneID param.Field[string]` Identifier. ### Returns - `type RuleDeleteResponse interface{…}` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) rule, err := client.TokenValidation.Rules.Delete( context.TODO(), "4a7ee8d3-dd63-4ceb-9d5f-c27831854ce7", token_validation.RuleDeleteParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", rule) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": {} } ``` ## Edit a zone token validation rule `client.TokenValidation.Rules.Edit(ctx, ruleID, params) (*TokenValidationRule, error)` **patch** `/zones/{zone_id}/token_validation/rules/{rule_id}` Edit a zone token validation rule. ### Parameters - `ruleID string` UUID. - `params RuleEditParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Action param.Field[RuleEditParamsAction]` Body param: Action to take on requests that match operations included in `selector` and fail `expression`. - `const RuleEditParamsActionLog RuleEditParamsAction = "log"` - `const RuleEditParamsActionBlock RuleEditParamsAction = "block"` - `Description param.Field[string]` Body param: A human-readable description that gives more details than `title`. - `Enabled param.Field[bool]` Body param: Toggle rule on or off. - `Expression param.Field[string]` Body param: Rule expression. Requests that fail to match this expression will be subject to `action`. For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Position param.Field[RuleEditParamsPosition]` Body param: Update rule order among zone rules. - `type RuleEditParamsPositionAPIShieldIndex struct{…}` - `Index int64` Move rule to this position - `type RuleEditParamsPositionAPIShieldBefore struct{…}` Move rule to after rule with ID. - `Before string` Move rule to before rule with this ID. - `type RuleEditParamsPositionAPIShieldAfter struct{…}` Move rule to before rule with ID. - `After string` Move rule to after rule with this ID. - `Selector param.Field[RuleEditParamsSelector]` Body param: Select operations covered by this rule. For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Exclude []RuleEditParamsSelectorExclude` Ignore operations that were otherwise included by `include`. - `OperationIDs []string` Excluded operation IDs. - `Include []RuleEditParamsSelectorInclude` Select all matching operations. - `Host []string` Included hostnames. - `Title param.Field[string]` Body param: A human-readable name for the rule. ### Returns - `type TokenValidationRule struct{…}` A Token Validation rule that can enforce security policies using JWT Tokens. - `Action TokenValidationRuleAction` Action to take on requests that match operations included in `selector` and fail `expression`. - `const TokenValidationRuleActionLog TokenValidationRuleAction = "log"` - `const TokenValidationRuleActionBlock TokenValidationRuleAction = "block"` - `Description string` A human-readable description that gives more details than `title`. - `Enabled bool` Toggle rule on or off. - `Expression string` Rule expression. Requests that fail to match this expression will be subject to `action`. For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Selector TokenValidationRuleSelector` Select operations covered by this rule. For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Exclude []TokenValidationRuleSelectorExclude` Ignore operations that were otherwise included by `include`. - `OperationIDs []string` Excluded operation IDs. - `Include []TokenValidationRuleSelectorInclude` Select all matching operations. - `Host []string` Included hostnames. - `Title string` A human-readable name for the rule. - `ID string` UUID. - `CreatedAt Time` - `LastUpdated Time` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/token_validation" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) tokenValidationRule, err := client.TokenValidation.Rules.Edit( context.TODO(), "4a7ee8d3-dd63-4ceb-9d5f-c27831854ce7", token_validation.RuleEditParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", tokenValidationRule.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "action": "log", "description": "Long description for Token Validation Rule", "enabled": true, "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")", "selector": { "exclude": [ { "operation_ids": [ "f9c5615e-fe15-48ce-bec6-cfc1946f1bec", "56828eae-035a-4396-ba07-51c66d680a04" ] } ], "include": [ { "host": [ "v1.example.com", "v2.example.com" ] } ] }, "title": "Example Token Validation Rule", "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "created_at": "2014-01-01T05:20:00.12345Z", "last_updated": "2014-01-01T05:20:00.12345Z" }, "success": true } ``` ## Domain Types ### Token Validation Rule - `type TokenValidationRule struct{…}` A Token Validation rule that can enforce security policies using JWT Tokens. - `Action TokenValidationRuleAction` Action to take on requests that match operations included in `selector` and fail `expression`. - `const TokenValidationRuleActionLog TokenValidationRuleAction = "log"` - `const TokenValidationRuleActionBlock TokenValidationRuleAction = "block"` - `Description string` A human-readable description that gives more details than `title`. - `Enabled bool` Toggle rule on or off. - `Expression string` Rule expression. Requests that fail to match this expression will be subject to `action`. For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Selector TokenValidationRuleSelector` Select operations covered by this rule. For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/). - `Exclude []TokenValidationRuleSelectorExclude` Ignore operations that were otherwise included by `include`. - `OperationIDs []string` Excluded operation IDs. - `Include []TokenValidationRuleSelectorInclude` Select all matching operations. - `Host []string` Included hostnames. - `Title string` A human-readable name for the rule. - `ID string` UUID. - `CreatedAt Time` - `LastUpdated Time`