# Risk Scoring ## Get risk event/score information for a specific user `client.ZeroTrust.RiskScoring.Get(ctx, userID, query) (*RiskScoringGetResponse, error)` **get** `/accounts/{account_id}/zt_risk_scoring/{user_id}` Retrieves the detailed risk score breakdown for a specific user, including contributing factors. ### Parameters - `userID string` - `query RiskScoringGetParams` - `AccountID param.Field[string]` ### Returns - `type RiskScoringGetResponse struct{…}` - `Email string` - `Events []RiskScoringGetResponseEvent` - `ID string` - `Name string` - `RiskLevel RiskScoringGetResponseEventsRiskLevel` - `const RiskScoringGetResponseEventsRiskLevelLow RiskScoringGetResponseEventsRiskLevel = "low"` - `const RiskScoringGetResponseEventsRiskLevelMedium RiskScoringGetResponseEventsRiskLevel = "medium"` - `const RiskScoringGetResponseEventsRiskLevelHigh RiskScoringGetResponseEventsRiskLevel = "high"` - `Timestamp Time` - `EventDetails unknown` - `Name string` - `LastResetTime Time` - `RiskLevel RiskScoringGetResponseRiskLevel` - `const RiskScoringGetResponseRiskLevelLow RiskScoringGetResponseRiskLevel = "low"` - `const RiskScoringGetResponseRiskLevelMedium RiskScoringGetResponseRiskLevel = "medium"` - `const RiskScoringGetResponseRiskLevelHigh RiskScoringGetResponseRiskLevel = "high"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/zero_trust" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) riskScoring, err := client.ZeroTrust.RiskScoring.Get( context.TODO(), "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", zero_trust.RiskScoringGetParams{ AccountID: cloudflare.F("account_id"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", riskScoring.Email) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "email": "email", "events": [ { "id": "id", "name": "name", "risk_level": "low", "timestamp": "2019-12-27T18:11:19.117Z", "event_details": {} } ], "name": "name", "last_reset_time": "2019-12-27T18:11:19.117Z", "risk_level": "low" }, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Clear the risk score for a particular user `client.ZeroTrust.RiskScoring.Reset(ctx, userID, body) (*RiskScoringResetResponse, error)` **post** `/accounts/{account_id}/zt_risk_scoring/{user_id}/reset` Resets risk scores for specified users, clearing their accumulated risk history. ### Parameters - `userID string` - `body RiskScoringResetParams` - `AccountID param.Field[string]` ### Returns - `type RiskScoringResetResponse interface{…}` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/zero_trust" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) response, err := client.ZeroTrust.RiskScoring.Reset( context.TODO(), "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", zero_trust.RiskScoringResetParams{ AccountID: cloudflare.F("account_id"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", response) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": {} } ``` # Behaviours ## Get all behaviors and associated configuration `client.ZeroTrust.RiskScoring.Behaviours.Get(ctx, query) (*RiskScoringBehaviourGetResponse, error)` **get** `/accounts/{account_id}/zt_risk_scoring/behaviors` Retrieves configured risk score behaviors that define how user actions affect their overall risk score. ### Parameters - `query RiskScoringBehaviourGetParams` - `AccountID param.Field[string]` ### Returns - `type RiskScoringBehaviourGetResponse struct{…}` - `Behaviors map[string, RiskScoringBehaviourGetResponseBehavior]` - `Description string` - `Enabled bool` - `Name string` - `RiskLevel RiskScoringBehaviourGetResponseBehaviorsRiskLevel` - `const RiskScoringBehaviourGetResponseBehaviorsRiskLevelLow RiskScoringBehaviourGetResponseBehaviorsRiskLevel = "low"` - `const RiskScoringBehaviourGetResponseBehaviorsRiskLevelMedium RiskScoringBehaviourGetResponseBehaviorsRiskLevel = "medium"` - `const RiskScoringBehaviourGetResponseBehaviorsRiskLevelHigh RiskScoringBehaviourGetResponseBehaviorsRiskLevel = "high"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/zero_trust" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) behaviour, err := client.ZeroTrust.RiskScoring.Behaviours.Get(context.TODO(), zero_trust.RiskScoringBehaviourGetParams{ AccountID: cloudflare.F("account_id"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", behaviour.Behaviors) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "behaviors": { "foo": { "description": "description", "enabled": true, "name": "name", "risk_level": "low" } } } } ``` ## Update configuration for risk behaviors `client.ZeroTrust.RiskScoring.Behaviours.Update(ctx, params) (*RiskScoringBehaviourUpdateResponse, error)` **put** `/accounts/{account_id}/zt_risk_scoring/behaviors` Updates risk score behavior configurations, defining weights and thresholds for risk calculation. ### Parameters - `params RiskScoringBehaviourUpdateParams` - `AccountID param.Field[string]` Path param: Account ID. - `Behaviors param.Field[map[string, RiskScoringBehaviourUpdateParamsBehaviors]]` Body param - `Enabled bool` - `RiskLevel RiskScoringBehaviourUpdateParamsBehaviorsRiskLevel` - `const RiskScoringBehaviourUpdateParamsBehaviorsRiskLevelLow RiskScoringBehaviourUpdateParamsBehaviorsRiskLevel = "low"` - `const RiskScoringBehaviourUpdateParamsBehaviorsRiskLevelMedium RiskScoringBehaviourUpdateParamsBehaviorsRiskLevel = "medium"` - `const RiskScoringBehaviourUpdateParamsBehaviorsRiskLevelHigh RiskScoringBehaviourUpdateParamsBehaviorsRiskLevel = "high"` ### Returns - `type RiskScoringBehaviourUpdateResponse struct{…}` - `Behaviors map[string, RiskScoringBehaviourUpdateResponseBehavior]` - `Enabled bool` - `RiskLevel RiskScoringBehaviourUpdateResponseBehaviorsRiskLevel` - `const RiskScoringBehaviourUpdateResponseBehaviorsRiskLevelLow RiskScoringBehaviourUpdateResponseBehaviorsRiskLevel = "low"` - `const RiskScoringBehaviourUpdateResponseBehaviorsRiskLevelMedium RiskScoringBehaviourUpdateResponseBehaviorsRiskLevel = "medium"` - `const RiskScoringBehaviourUpdateResponseBehaviorsRiskLevelHigh RiskScoringBehaviourUpdateResponseBehaviorsRiskLevel = "high"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/zero_trust" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) behaviour, err := client.ZeroTrust.RiskScoring.Behaviours.Update(context.TODO(), zero_trust.RiskScoringBehaviourUpdateParams{ AccountID: cloudflare.F("account_id"), Behaviors: cloudflare.F(map[string]zero_trust.RiskScoringBehaviourUpdateParamsBehaviors{ "foo": zero_trust.RiskScoringBehaviourUpdateParamsBehaviors{ Enabled: cloudflare.F(true), RiskLevel: cloudflare.F(zero_trust.RiskScoringBehaviourUpdateParamsBehaviorsRiskLevelLow), }, }), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", behaviour.Behaviors) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "behaviors": { "foo": { "enabled": true, "risk_level": "low" } } } } ``` # Summary ## Get risk score info for all users in the account `client.ZeroTrust.RiskScoring.Summary.Get(ctx, query) (*RiskScoringSummaryGetResponse, error)` **get** `/accounts/{account_id}/zt_risk_scoring/summary` Gets an aggregate summary of risk scores across the account, including distribution and trends. ### Parameters - `query RiskScoringSummaryGetParams` - `AccountID param.Field[string]` ### Returns - `type RiskScoringSummaryGetResponse struct{…}` - `Users []RiskScoringSummaryGetResponseUser` - `Email string` - `EventCount int64` - `LastEvent Time` - `MaxRiskLevel RiskScoringSummaryGetResponseUsersMaxRiskLevel` - `const RiskScoringSummaryGetResponseUsersMaxRiskLevelLow RiskScoringSummaryGetResponseUsersMaxRiskLevel = "low"` - `const RiskScoringSummaryGetResponseUsersMaxRiskLevelMedium RiskScoringSummaryGetResponseUsersMaxRiskLevel = "medium"` - `const RiskScoringSummaryGetResponseUsersMaxRiskLevelHigh RiskScoringSummaryGetResponseUsersMaxRiskLevel = "high"` - `Name string` - `UserID string` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/zero_trust" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) summary, err := client.ZeroTrust.RiskScoring.Summary.Get(context.TODO(), zero_trust.RiskScoringSummaryGetParams{ AccountID: cloudflare.F("account_id"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", summary.Users) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "users": [ { "email": "email", "event_count": 0, "last_event": "2019-12-27T18:11:19.117Z", "max_risk_level": "low", "name": "name", "user_id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e" } ] }, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` # Integrations ## List all risk score integrations for the account. `client.ZeroTrust.RiskScoring.Integrations.List(ctx, query) (*SinglePage[RiskScoringIntegrationListResponse], error)` **get** `/accounts/{account_id}/zt_risk_scoring/integrations` Lists all configured Zero Trust risk score integrations for the account. ### Parameters - `query RiskScoringIntegrationListParams` - `AccountID param.Field[string]` ### Returns - `type RiskScoringIntegrationListResponse struct{…}` - `ID string` The id of the integration, a UUIDv4. - `AccountTag string` The Cloudflare account tag. - `Active bool` Whether this integration is enabled and should export changes in risk score. - `CreatedAt Time` When the integration was created in RFC3339 format. - `IntegrationType RiskScoringIntegrationListResponseIntegrationType` - `const RiskScoringIntegrationListResponseIntegrationTypeOkta RiskScoringIntegrationListResponseIntegrationType = "Okta"` - `ReferenceID string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `TenantURL string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `WellKnownURL string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/zero_trust" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.ZeroTrust.RiskScoring.Integrations.List(context.TODO(), zero_trust.RiskScoringIntegrationListParams{ AccountID: cloudflare.F("account_id"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "account_tag": "account_tag", "active": true, "created_at": "2019-12-27T18:11:19.117Z", "integration_type": "Okta", "reference_id": "reference_id", "tenant_url": "tenant_url", "well_known_url": "well_known_url" } ] } ``` ## Get risk score integration by id. `client.ZeroTrust.RiskScoring.Integrations.Get(ctx, integrationID, query) (*RiskScoringIntegrationGetResponse, error)` **get** `/accounts/{account_id}/zt_risk_scoring/integrations/{integration_id}` Get risk score integration by id. ### Parameters - `integrationID string` - `query RiskScoringIntegrationGetParams` - `AccountID param.Field[string]` ### Returns - `type RiskScoringIntegrationGetResponse struct{…}` - `ID string` The id of the integration, a UUIDv4. - `AccountTag string` The Cloudflare account tag. - `Active bool` Whether this integration is enabled and should export changes in risk score. - `CreatedAt Time` When the integration was created in RFC3339 format. - `IntegrationType RiskScoringIntegrationGetResponseIntegrationType` - `const RiskScoringIntegrationGetResponseIntegrationTypeOkta RiskScoringIntegrationGetResponseIntegrationType = "Okta"` - `ReferenceID string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `TenantURL string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `WellKnownURL string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/zero_trust" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) integration, err := client.ZeroTrust.RiskScoring.Integrations.Get( context.TODO(), "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", zero_trust.RiskScoringIntegrationGetParams{ AccountID: cloudflare.F("account_id"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", integration.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "account_tag": "account_tag", "active": true, "created_at": "2019-12-27T18:11:19.117Z", "integration_type": "Okta", "reference_id": "reference_id", "tenant_url": "tenant_url", "well_known_url": "well_known_url" } } ``` ## Create new risk score integration. `client.ZeroTrust.RiskScoring.Integrations.New(ctx, params) (*RiskScoringIntegrationNewResponse, error)` **post** `/accounts/{account_id}/zt_risk_scoring/integrations` Creates a new Zero Trust risk score integration, connecting external risk signals to Cloudflare's risk scoring system. ### Parameters - `params RiskScoringIntegrationNewParams` - `AccountID param.Field[string]` Path param - `IntegrationType param.Field[RiskScoringIntegrationNewParamsIntegrationType]` Body param - `const RiskScoringIntegrationNewParamsIntegrationTypeOkta RiskScoringIntegrationNewParamsIntegrationType = "Okta"` - `TenantURL param.Field[string]` Body param: The base url of the tenant, e.g. "https://tenant.okta.com". - `ReferenceID param.Field[string]` Body param: A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider ### Returns - `type RiskScoringIntegrationNewResponse struct{…}` - `ID string` The id of the integration, a UUIDv4. - `AccountTag string` The Cloudflare account tag. - `Active bool` Whether this integration is enabled and should export changes in risk score. - `CreatedAt Time` When the integration was created in RFC3339 format. - `IntegrationType RiskScoringIntegrationNewResponseIntegrationType` - `const RiskScoringIntegrationNewResponseIntegrationTypeOkta RiskScoringIntegrationNewResponseIntegrationType = "Okta"` - `ReferenceID string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `TenantURL string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `WellKnownURL string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/zero_trust" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) integration, err := client.ZeroTrust.RiskScoring.Integrations.New(context.TODO(), zero_trust.RiskScoringIntegrationNewParams{ AccountID: cloudflare.F("account_id"), IntegrationType: cloudflare.F(zero_trust.RiskScoringIntegrationNewParamsIntegrationTypeOkta), TenantURL: cloudflare.F("https://example.com"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", integration.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "account_tag": "account_tag", "active": true, "created_at": "2019-12-27T18:11:19.117Z", "integration_type": "Okta", "reference_id": "reference_id", "tenant_url": "tenant_url", "well_known_url": "well_known_url" } } ``` ## Update a risk score integration. `client.ZeroTrust.RiskScoring.Integrations.Update(ctx, integrationID, params) (*RiskScoringIntegrationUpdateResponse, error)` **put** `/accounts/{account_id}/zt_risk_scoring/integrations/{integration_id}` Overwrite the reference_id, tenant_url, and active values with the ones provided. ### Parameters - `integrationID string` - `params RiskScoringIntegrationUpdateParams` - `AccountID param.Field[string]` Path param - `Active param.Field[bool]` Body param: Whether this integration is enabled. If disabled, no risk changes will be exported to the third-party. - `TenantURL param.Field[string]` Body param: The base url of the tenant, e.g. "https://tenant.okta.com". - `ReferenceID param.Field[string]` Body param: A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider ### Returns - `type RiskScoringIntegrationUpdateResponse struct{…}` - `ID string` The id of the integration, a UUIDv4. - `AccountTag string` The Cloudflare account tag. - `Active bool` Whether this integration is enabled and should export changes in risk score. - `CreatedAt Time` When the integration was created in RFC3339 format. - `IntegrationType RiskScoringIntegrationUpdateResponseIntegrationType` - `const RiskScoringIntegrationUpdateResponseIntegrationTypeOkta RiskScoringIntegrationUpdateResponseIntegrationType = "Okta"` - `ReferenceID string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `TenantURL string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `WellKnownURL string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/zero_trust" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) integration, err := client.ZeroTrust.RiskScoring.Integrations.Update( context.TODO(), "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", zero_trust.RiskScoringIntegrationUpdateParams{ AccountID: cloudflare.F("account_id"), Active: cloudflare.F(true), TenantURL: cloudflare.F("https://example.com"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", integration.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "account_tag": "account_tag", "active": true, "created_at": "2019-12-27T18:11:19.117Z", "integration_type": "Okta", "reference_id": "reference_id", "tenant_url": "tenant_url", "well_known_url": "well_known_url" } } ``` ## Delete a risk score integration. `client.ZeroTrust.RiskScoring.Integrations.Delete(ctx, integrationID, body) (*RiskScoringIntegrationDeleteResponse, error)` **delete** `/accounts/{account_id}/zt_risk_scoring/integrations/{integration_id}` Removes a Zero Trust risk score integration, disconnecting the external risk signal source. ### Parameters - `integrationID string` - `body RiskScoringIntegrationDeleteParams` - `AccountID param.Field[string]` ### Returns - `type RiskScoringIntegrationDeleteResponse interface{…}` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/zero_trust" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) integration, err := client.ZeroTrust.RiskScoring.Integrations.Delete( context.TODO(), "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", zero_trust.RiskScoringIntegrationDeleteParams{ AccountID: cloudflare.F("account_id"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", integration) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": {} } ``` # References ## Get risk score integration by reference id. `client.ZeroTrust.RiskScoring.Integrations.References.Get(ctx, referenceID, query) (*RiskScoringIntegrationReferenceGetResponse, error)` **get** `/accounts/{account_id}/zt_risk_scoring/integrations/reference_id/{reference_id}` Retrieves a Zero Trust risk score integration using its external reference ID. ### Parameters - `referenceID string` - `query RiskScoringIntegrationReferenceGetParams` - `AccountID param.Field[string]` ### Returns - `type RiskScoringIntegrationReferenceGetResponse struct{…}` - `ID string` The id of the integration, a UUIDv4. - `AccountTag string` The Cloudflare account tag. - `Active bool` Whether this integration is enabled and should export changes in risk score. - `CreatedAt Time` When the integration was created in RFC3339 format. - `IntegrationType RiskScoringIntegrationReferenceGetResponseIntegrationType` - `const RiskScoringIntegrationReferenceGetResponseIntegrationTypeOkta RiskScoringIntegrationReferenceGetResponseIntegrationType = "Okta"` - `ReferenceID string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `TenantURL string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `WellKnownURL string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/zero_trust" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) reference, err := client.ZeroTrust.RiskScoring.Integrations.References.Get( context.TODO(), "reference_id", zero_trust.RiskScoringIntegrationReferenceGetParams{ AccountID: cloudflare.F("account_id"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", reference.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "account_tag": "account_tag", "active": true, "created_at": "2019-12-27T18:11:19.117Z", "integration_type": "Okta", "reference_id": "reference_id", "tenant_url": "tenant_url", "well_known_url": "well_known_url" } } ```