API Reference

Token Validation

Rules

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

List token validation rules

client.TokenValidation.Rules.List(ctx, params) (*V4PagePaginationArray[TokenValidationRule], error)

GET/zones/{zone_id}/token_validation/rules

List token validation rules

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Account API GatewayAccount API Gateway ReadDomain API GatewayDomain API Gateway Read

ParametersExpand Collapse

params RuleListParams

ZoneID param.Field[string]

Path param: Identifier.

maxLength32

ID param.Field[string]optional

Query param: Select rules with these IDs.

maxLength36

minLength36

Action param.Field[RuleListParamsAction]optional

Query param: Action to take on requests that match operations included in selector and fail expression.

const RuleListParamsActionLog RuleListParamsAction = "log"

const RuleListParamsActionBlock RuleListParamsAction = "block"

Enabled param.Field[bool]optional

Query param: Toggle rule on or off.

Host param.Field[string]optional

Query param: Select rules with this host in include.

formathostname

maxLength255

Hostname param.Field[string]optional

Query param: Select rules with this host in include.

formathostname

maxLength255

Page param.Field[int64]optional

Query param: Page number of paginated results.

minimum1

PerPage param.Field[int64]optional

Query param: Maximum number of results per page.

maximum50

minimum5

RuleID param.Field[string]optional

Query param: Select rules with these IDs.

maxLength36

minLength36

TokenConfiguration param.Field[[]string]optional

Query param: Select rules using any of these token configurations.

ReturnsExpand Collapse

type TokenValidationRule struct{…}

A Token Validation rule that can enforce security policies using JWT Tokens.

Action TokenValidationRuleAction

Action to take on requests that match operations included in selector and fail expression.

One of the following:

const TokenValidationRuleActionLog TokenValidationRuleAction = "log"

const TokenValidationRuleActionBlock TokenValidationRuleAction = "block"

Description string

A human-readable description that gives more details than title.

maxLength500

Enabled bool

Toggle rule on or off.

Expression string

Rule expression. Requests that fail to match this expression will be subject to action.

For details on expressions, see the Cloudflare Docs.

Selector TokenValidationRuleSelector

Select operations covered by this rule.

For details on selectors, see the Cloudflare Docs.

Exclude []TokenValidationRuleSelectorExcludeoptional

Ignore operations that were otherwise included by include.

OperationIDs []stringoptional

Excluded operation IDs.

Include []TokenValidationRuleSelectorIncludeoptional

Select all matching operations.

Host []stringoptional

Included hostnames.

Title string

A human-readable name for the rule.

maxLength50

ID stringoptional

UUID.

maxLength36

minLength36

CreatedAt Timeoptional

formatdate-time

LastUpdated Timeoptional

formatdate-time

List token validation rules

Go

HTTP

TypeScript

Python

Go

Terraform

package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/option"
  "github.com/cloudflare/cloudflare-go/token_validation"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  page, err := client.TokenValidation.Rules.List(context.TODO(), token_validation.RuleListParams{
    ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", page)
}

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {
      "action": "log",
      "description": "Long description for Token Validation Rule",
      "enabled": true,
      "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")",
      "selector": {
        "exclude": [
          {
            "operation_ids": [
              "f9c5615e-fe15-48ce-bec6-cfc1946f1bec",
              "56828eae-035a-4396-ba07-51c66d680a04"
            ]
          }
        ],
        "include": [
          {
            "host": [
              "v1.example.com",
              "v2.example.com"
            ]
          }
        ]
      },
      "title": "Example Token Validation Rule",
      "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
      "created_at": "2014-01-01T05:20:00.12345Z",
      "last_updated": "2014-01-01T05:20:00.12345Z"
    }
  ],
  "success": true,
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000,
    "total_pages": 100
  }
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {
      "action": "log",
      "description": "Long description for Token Validation Rule",
      "enabled": true,
      "expression": "is_jwt_valid(\"52973293-cb04-4a97-8f55-e7d2ad1107dd\") or is_jwt_valid(\"46eab8d1-6376-45e3-968f-2c649d77d423\")",
      "selector": {
        "exclude": [
          {
            "operation_ids": [
              "f9c5615e-fe15-48ce-bec6-cfc1946f1bec",
              "56828eae-035a-4396-ba07-51c66d680a04"
            ]
          }
        ],
        "include": [
          {
            "host": [
              "v1.example.com",
              "v2.example.com"
            ]
          }
        ]
      },
      "title": "Example Token Validation Rule",
      "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
      "created_at": "2014-01-01T05:20:00.12345Z",
      "last_updated": "2014-01-01T05:20:00.12345Z"
    }
  ],
  "success": true,
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000,
    "total_pages": 100
  }
}