Skip to content
Cloudflare API
Start here
API Reference
Token Validation
Rules

Bulk edit token validation rules

client.TokenValidation.Rules.BulkEdit(ctx, params) (*SinglePage[TokenValidationRule], error)
PATCH/zones/{zone_id}/token_validation/rules/bulk

Edit token validation rules.

A request can update multiple Token Validation Rules.

Rules can be re-ordered using the position field.

Returns all updated rules.

Security
API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194
Accepted Permissions (at least one required)
Account API GatewayDomain API Gateway
ParametersExpand Collapse
params RuleBulkEditParams
ZoneID param.Field[string]

Path param: Identifier.

maxLength32
Body param.Field[[]RuleBulkEditParamsBody]

Body param

ID string

Rule ID this patch applies to

formatuuid
maxLength36
Action RuleBulkEditParamsBodyActionoptional

Action to take on requests that match operations included in selector and fail expression.

One of the following:
const RuleBulkEditParamsBodyActionLog RuleBulkEditParamsBodyAction = "log"
const RuleBulkEditParamsBodyActionBlock RuleBulkEditParamsBodyAction = "block"
Description stringoptional

A human-readable description that gives more details than title.

maxLength500
Enabled booloptional

Toggle rule on or off.

Expression stringoptional

Rule expression. Requests that fail to match this expression will be subject to action.

For details on expressions, see the Cloudflare Docs.

Position RuleBulkEditParamsBodyPositionoptional

Update rule order among zone rules.

One of the following:
type RuleBulkEditParamsBodyPositionAPIShieldIndex struct{…}
Index int64

Move rule to this position

minimum1
type RuleBulkEditParamsBodyPositionAPIShieldBefore struct{…}

Move rule to after rule with ID.

Before stringoptional

Move rule to before rule with this ID.

formatuuid
maxLength36
type RuleBulkEditParamsBodyPositionAPIShieldAfter struct{…}

Move rule to before rule with ID.

After stringoptional

Move rule to after rule with this ID.

formatuuid
maxLength36
Selector RuleBulkEditParamsBodySelectoroptional

Select operations covered by this rule.

For details on selectors, see the Cloudflare Docs.

Exclude []RuleBulkEditParamsBodySelectorExcludeoptional

Ignore operations that were otherwise included by include.

OperationIDs []stringoptional

Excluded operation IDs.

Include []RuleBulkEditParamsBodySelectorIncludeoptional

Select all matching operations.

Host []stringoptional

Included hostnames.

Title stringoptional

A human-readable name for the rule.

maxLength50
ReturnsExpand Collapse
type TokenValidationRule struct{…}

A Token Validation rule that can enforce security policies using JWT Tokens.

Action TokenValidationRuleAction

Action to take on requests that match operations included in selector and fail expression.

One of the following:
const TokenValidationRuleActionLog TokenValidationRuleAction = "log"
const TokenValidationRuleActionBlock TokenValidationRuleAction = "block"
Description string

A human-readable description that gives more details than title.

maxLength500
Enabled bool

Toggle rule on or off.

Expression string

Rule expression. Requests that fail to match this expression will be subject to action.

For details on expressions, see the Cloudflare Docs.

Selector TokenValidationRuleSelector

Select operations covered by this rule.

For details on selectors, see the Cloudflare Docs.

Exclude []TokenValidationRuleSelectorExcludeoptional

Ignore operations that were otherwise included by include.

OperationIDs []stringoptional

Excluded operation IDs.

Include []TokenValidationRuleSelectorIncludeoptional

Select all matching operations.

Host []stringoptional

Included hostnames.

Title string

A human-readable name for the rule.

maxLength50
ID stringoptional

UUID.

maxLength36
minLength36
CreatedAt Timeoptional
formatdate-time
LastUpdated Timeoptional
formatdate-time

Bulk edit token validation rules

package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/option"
  "github.com/cloudflare/cloudflare-go/token_validation"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  page, err := client.TokenValidation.Rules.BulkEdit(context.TODO(), token_validation.RuleBulkEditParams{
    ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
    Body: []token_validation.RuleBulkEditParamsBody{token_validation.RuleBulkEditParamsBody{
      ID: cloudflare.F("0d9bf70c-92e1-4bb3-9411-34a3bcc59003"),
    }},
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", page)
}

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {
      "action": "log",
      "description": "Long description for Token Validation Rule",
      "enabled": true,
      "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")",
      "selector": {
        "exclude": [
          {
            "operation_ids": [
              "f9c5615e-fe15-48ce-bec6-cfc1946f1bec",
              "56828eae-035a-4396-ba07-51c66d680a04"
            ]
          }
        ],
        "include": [
          {
            "host": [
              "v1.example.com",
              "v2.example.com"
            ]
          }
        ]
      },
      "title": "Example Token Validation Rule",
      "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
      "created_at": "2014-01-01T05:20:00.12345Z",
      "last_updated": "2014-01-01T05:20:00.12345Z"
    }
  ],
  "success": true,
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000,
    "total_pages": 100
  }
}
Returns Examples
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {
      "action": "log",
      "description": "Long description for Token Validation Rule",
      "enabled": true,
      "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")",
      "selector": {
        "exclude": [
          {
            "operation_ids": [
              "f9c5615e-fe15-48ce-bec6-cfc1946f1bec",
              "56828eae-035a-4396-ba07-51c66d680a04"
            ]
          }
        ],
        "include": [
          {
            "host": [
              "v1.example.com",
              "v2.example.com"
            ]
          }
        ]
      },
      "title": "Example Token Validation Rule",
      "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
      "created_at": "2014-01-01T05:20:00.12345Z",
      "last_updated": "2014-01-01T05:20:00.12345Z"
    }
  ],
  "success": true,
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000,
    "total_pages": 100
  }
}