API Reference

Token Validation

Configuration

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Get a single Token Configuration

client.TokenValidation.Configuration.Get(ctx, configID, query) (*TokenConfig, error)

GET/zones/{zone_id}/token_validation/config/{config_id}

Get a single Token Configuration

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Account API GatewayAccount API Gateway ReadDomain API GatewayDomain API Gateway Read

ParametersExpand Collapse

configID string

UUID.

maxLength36

minLength36

query ConfigurationGetParams

ZoneID param.Field[string]

Identifier.

maxLength32

ReturnsExpand Collapse

type TokenConfig struct{…}

ID string

UUID.

maxLength36

minLength36

CreatedAt Time

formatdate-time

Credentials TokenConfigCredentials

Keys []TokenConfigCredentialsKey

One of the following:

type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSA struct{…}

JSON representation of an RSA key.

Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg

Algorithm

One of the following:

const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS256"

const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS384"

const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgRs512 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "RS512"

const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs256 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS256"

const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs384 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS384"

const TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlgPs512 TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAAlg = "PS512"

E string

RSA exponent

Kid string

Key ID

Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyRSAKty

Key Type

N string

RSA modulus

type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256 struct{…}

JSON representation of an ES256 key

Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Alg

Algorithm

Crv TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Crv

Curve

Kid string

Key ID

Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs256Kty

Key Type

X string

X EC coordinate

Y string

Y EC coordinate

type TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384 struct{…}

JSON representation of an ES384 key

Alg TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Alg

Algorithm

Crv TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Crv

Curve

Kid string

Key ID

Kty TokenConfigCredentialsKeysAPIShieldCredentialsJWTKeyEcEs384Kty

Key Type

X string

X EC coordinate

Y string

Y EC coordinate

Description string

maxLength500

LastUpdated Time

formatdate-time

Title string

maxLength50

TokenSources []string

TokenType TokenConfigTokenType

Get a single Token Configuration

Go

HTTP

TypeScript

Python

Go

Terraform

package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/option"
  "github.com/cloudflare/cloudflare-go/token_validation"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  tokenConfig, err := client.TokenValidation.Configuration.Get(
    context.TODO(),
    "4a7ee8d3-dd63-4ceb-9d5f-c27831854ce7",
    token_validation.ConfigurationGetParams{
      ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
    },
  )
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", tokenConfig.ID)
}

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "created_at": "2014-01-01T05:20:00.12345Z",
    "credentials": {
      "keys": [
        {
          "alg": "ES256",
          "crv": "P-256",
          "kid": "38013f13-c266-4eec-a72a-92ec92779f21",
          "kty": "EC",
          "x": "KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ",
          "y": "lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY"
        }
      ]
    },
    "description": "Long description for Token Validation Configuration",
    "last_updated": "2014-01-01T05:20:00.12345Z",
    "title": "Example Token Validation Configuration",
    "token_sources": [
      "http.request.headers[\"x-auth\"][0]",
      "http.request.cookies[\"Authorization\"][0]"
    ],
    "token_type": "JWT"
  },
  "success": true
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "created_at": "2014-01-01T05:20:00.12345Z",
    "credentials": {
      "keys": [
        {
          "alg": "ES256",
          "crv": "P-256",
          "kid": "38013f13-c266-4eec-a72a-92ec92779f21",
          "kty": "EC",
          "x": "KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ",
          "y": "lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY"
        }
      ]
    },
    "description": "Long description for Token Validation Configuration",
    "last_updated": "2014-01-01T05:20:00.12345Z",
    "title": "Example Token Validation Configuration",
    "token_sources": [
      "http.request.headers[\"x-auth\"][0]",
      "http.request.cookies[\"Authorization\"][0]"
    ],
    "token_type": "JWT"
  },
  "success": true
}