Skip to content
Cloudflare API
Start here
API Reference
Zero Trust
Access
Service Tokens

Update a service token

client.ZeroTrust.Access.ServiceTokens.Update(ctx, serviceTokenID, params) (*ServiceToken, error)
PUT/{accounts_or_zones}/{account_or_zone_id}/access/service_tokens/{service_token_id}

Updates a configured service token.

Security
API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194
Accepted Permissions (at least one required)
Access: Service Tokens Write
ParametersExpand Collapse
serviceTokenID string

UUID.

maxLength36
params AccessServiceTokenUpdateParams
AccountID param.Field[string]optional

Path param: The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.

ZoneID param.Field[string]optional

Path param: The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.

ClientSecretVersion param.Field[float64]optional

Body param: A version number identifying the current client_secret associated with the service token. Incrementing it triggers a rotation; the previous secret will still be accepted until the time indicated by previous_client_secret_expires_at.

Duration param.Field[string]optional

Body param: The duration for how long the service token will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h. The default is 1 year in hours (8760h).

Name param.Field[string]optional

Body param: The name of the service token.

PreviousClientSecretExpiresAt param.Field[Time]optional

Body param: The expiration of the previous client_secret. This can be modified at any point after a rotation. For example, you may extend it further into the future if you need more time to update services with the new secret; or move it into the past to immediately invalidate the previous token in case of compromise.

formatdate-time
ReturnsExpand Collapse
type ServiceToken struct{…}
ID stringoptional

The ID of the service token.

maxLength36
ClientID stringoptional

The Client ID for the service token. Access will check for this value in the CF-Access-Client-ID request header.

Duration stringoptional

The duration for how long the service token will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h. The default is 1 year in hours (8760h).

ExpiresAt Timeoptional
formatdate-time
Name stringoptional

The name of the service token.

Update a service token

package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/option"
  "github.com/cloudflare/cloudflare-go/zero_trust"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  serviceToken, err := client.ZeroTrust.Access.ServiceTokens.Update(
    context.TODO(),
    "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    zero_trust.AccessServiceTokenUpdateParams{

    },
  )
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", serviceToken.ID)
}

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "client_id": "88bf3b6d86161464f6509f7219099e57.access.example.com",
    "created_at": "2014-01-01T05:20:00.12345Z",
    "duration": "60m",
    "expires_at": "2014-01-01T05:20:00.12345Z",
    "last_seen_at": "2014-01-01T05:20:00.12345Z",
    "name": "CI/CD token",
    "updated_at": "2014-01-01T05:20:00.12345Z"
  }
}
Returns Examples
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "client_id": "88bf3b6d86161464f6509f7219099e57.access.example.com",
    "created_at": "2014-01-01T05:20:00.12345Z",
    "duration": "60m",
    "expires_at": "2014-01-01T05:20:00.12345Z",
    "last_seen_at": "2014-01-01T05:20:00.12345Z",
    "name": "CI/CD token",
    "updated_at": "2014-01-01T05:20:00.12345Z"
  }
}