Get a zone token validation rule

client.TokenValidation.Rules.Get(ctx, ruleID, query) (*TokenValidationRule, error)

GET/zones/{zone_id}/token_validation/rules/{rule_id}

Get a zone token validation rule.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Account API GatewayAccount API Gateway ReadDomain API GatewayDomain API Gateway Read

ParametersExpand Collapse

ruleID string

UUID.

maxLength36

minLength36

query RuleGetParams

ZoneID param.Field[string]

Identifier.

maxLength32

ReturnsExpand Collapse

type TokenValidationRule struct{…}

A Token Validation rule that can enforce security policies using JWT Tokens.

Action TokenValidationRuleAction

Action to take on requests that match operations included in selector and fail expression.

One of the following:

const TokenValidationRuleActionLog TokenValidationRuleAction = "log"

const TokenValidationRuleActionBlock TokenValidationRuleAction = "block"

Description string

A human-readable description that gives more details than title.

maxLength500

Enabled bool

Toggle rule on or off.

Expression string

Rule expression. Requests that fail to match this expression will be subject to action.

For details on expressions, see the Cloudflare Docs.

Selector TokenValidationRuleSelector

Select operations covered by this rule.

For details on selectors, see the Cloudflare Docs.

Exclude []TokenValidationRuleSelectorExcludeoptional

Ignore operations that were otherwise included by include.

OperationIDs []stringoptional

Excluded operation IDs.

Include []TokenValidationRuleSelectorIncludeoptional

Select all matching operations.

Host []stringoptional

Included hostnames.

Title string

A human-readable name for the rule.

maxLength50

ID stringoptional

UUID.

maxLength36

minLength36

CreatedAt Timeoptional

formatdate-time

LastUpdated Timeoptional

formatdate-time

Get a zone token validation rule

package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/option"
  "github.com/cloudflare/cloudflare-go/token_validation"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  tokenValidationRule, err := client.TokenValidation.Rules.Get(
    context.TODO(),
    "4a7ee8d3-dd63-4ceb-9d5f-c27831854ce7",
    token_validation.RuleGetParams{
      ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
    },
  )
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", tokenValidationRule.ID)
}

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "action": "log",
    "description": "Long description for Token Validation Rule",
    "enabled": true,
    "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")",
    "selector": {
      "exclude": [
        {
          "operation_ids": [
            "f9c5615e-fe15-48ce-bec6-cfc1946f1bec",
            "56828eae-035a-4396-ba07-51c66d680a04"
          ]
        }
      ],
      "include": [
        {
          "host": [
            "v1.example.com",
            "v2.example.com"
          ]
        }
      ]
    },
    "title": "Example Token Validation Rule",
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "created_at": "2014-01-01T05:20:00.12345Z",
    "last_updated": "2014-01-01T05:20:00.12345Z"
  },
  "success": true
}

Returns Examples

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "action": "log",
    "description": "Long description for Token Validation Rule",
    "enabled": true,
    "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")",
    "selector": {
      "exclude": [
        {
          "operation_ids": [
            "f9c5615e-fe15-48ce-bec6-cfc1946f1bec",
            "56828eae-035a-4396-ba07-51c66d680a04"
          ]
        }
      ],
      "include": [
        {
          "host": [
            "v1.example.com",
            "v2.example.com"
          ]
        }
      ]
    },
    "title": "Example Token Validation Rule",
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "created_at": "2014-01-01T05:20:00.12345Z",
    "last_updated": "2014-01-01T05:20:00.12345Z"
  },
  "success": true
}