## Create a token validation rule

`client.TokenValidation.Rules.New(ctx, params) (*TokenValidationRule, error)`

**post** `/zones/{zone_id}/token_validation/rules`

Create a token validation rule.

### Parameters

- `params RuleNewParams`

  - `ZoneID param.Field[string]`

    Path param: Identifier.

  - `Action param.Field[RuleNewParamsAction]`

    Body param: Action to take on requests that match operations included in `selector` and fail `expression`.

    - `const RuleNewParamsActionLog RuleNewParamsAction = "log"`

    - `const RuleNewParamsActionBlock RuleNewParamsAction = "block"`

  - `Description param.Field[string]`

    Body param: A human-readable description that gives more details than `title`.

  - `Enabled param.Field[bool]`

    Body param: Toggle rule on or off.

  - `Expression param.Field[string]`

    Body param: Rule expression. Requests that fail to match this expression will be subject to `action`.

    For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/).

  - `Selector param.Field[RuleNewParamsSelector]`

    Body param: Select operations covered by this rule.

    For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/).

    - `Exclude []RuleNewParamsSelectorExclude`

      Ignore operations that were otherwise included by `include`.

      - `OperationIDs []string`

        Excluded operation IDs.

    - `Include []RuleNewParamsSelectorInclude`

      Select all matching operations.

      - `Host []string`

        Included hostnames.

  - `Title param.Field[string]`

    Body param: A human-readable name for the rule.

### Returns

- `type TokenValidationRule struct{…}`

  A Token Validation rule that can enforce security policies using JWT Tokens.

  - `Action TokenValidationRuleAction`

    Action to take on requests that match operations included in `selector` and fail `expression`.

    - `const TokenValidationRuleActionLog TokenValidationRuleAction = "log"`

    - `const TokenValidationRuleActionBlock TokenValidationRuleAction = "block"`

  - `Description string`

    A human-readable description that gives more details than `title`.

  - `Enabled bool`

    Toggle rule on or off.

  - `Expression string`

    Rule expression. Requests that fail to match this expression will be subject to `action`.

    For details on expressions, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/).

  - `Selector TokenValidationRuleSelector`

    Select operations covered by this rule.

    For details on selectors, see the [Cloudflare Docs](https://developers.cloudflare.com/api-shield/security/jwt-validation/).

    - `Exclude []TokenValidationRuleSelectorExclude`

      Ignore operations that were otherwise included by `include`.

      - `OperationIDs []string`

        Excluded operation IDs.

    - `Include []TokenValidationRuleSelectorInclude`

      Select all matching operations.

      - `Host []string`

        Included hostnames.

  - `Title string`

    A human-readable name for the rule.

  - `ID string`

    UUID.

  - `CreatedAt Time`

  - `LastUpdated Time`

### Example

```go
package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/option"
  "github.com/cloudflare/cloudflare-go/token_validation"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  tokenValidationRule, err := client.TokenValidation.Rules.New(context.TODO(), token_validation.RuleNewParams{
    ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
    Action: cloudflare.F(token_validation.RuleNewParamsActionLog),
    Description: cloudflare.F("Long description for Token Validation Rule"),
    Enabled: cloudflare.F(true),
    Expression: cloudflare.F(`is_jwt_valid("52973293-cb04-4a97-8f55-e7d2ad1107dd") or is_jwt_valid("46eab8d1-6376-45e3-968f-2c649d77d423")`),
    Selector: cloudflare.F(token_validation.RuleNewParamsSelector{

    }),
    Title: cloudflare.F("Example Token Validation Rule"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", tokenValidationRule.ID)
}
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "action": "log",
    "description": "Long description for Token Validation Rule",
    "enabled": true,
    "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")",
    "selector": {
      "exclude": [
        {
          "operation_ids": [
            "f9c5615e-fe15-48ce-bec6-cfc1946f1bec",
            "56828eae-035a-4396-ba07-51c66d680a04"
          ]
        }
      ],
      "include": [
        {
          "host": [
            "v1.example.com",
            "v2.example.com"
          ]
        }
      ]
    },
    "title": "Example Token Validation Rule",
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "created_at": "2014-01-01T05:20:00.12345Z",
    "last_updated": "2014-01-01T05:20:00.12345Z"
  },
  "success": true
}
```