API Reference

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Accounts

List Accounts

client.accounts.list(AccountListParams { direction, name, page, per_page } query?, RequestOptionsoptions?): V4PagePaginationArray<Account { id, name, type, 3 more } >

GET/accounts

Account Details

client.accounts.get(AccountGetParams { account_id } params, RequestOptionsoptions?): Account { id, name, type, 3 more }

GET/accounts/{account_id}

Create an account

client.accounts.create(AccountCreateParams { name, type, unit } body, RequestOptionsoptions?): Account { id, name, type, 3 more }

POST/accounts

Update Account

client.accounts.update(AccountUpdateParams { account_id, id, name, 3 more } params, RequestOptionsoptions?): Account { id, name, type, 3 more }

PUT/accounts/{account_id}

Delete a specific account

client.accounts.delete(AccountDeleteParams { account_id } params, RequestOptionsoptions?): AccountDeleteResponse { id } | null

DELETE/accounts/{account_id}

ModelsExpand Collapse

Account { id, name, type, 3 more }

id: string

Identifier

maxLength32

minLength32

name: string

Account name

maxLength100

type: "standard" | "enterprise"

One of the following:

"standard"

"enterprise"

created_on?: string

Timestamp for the creation of the account

formatdate-time

managed_by?: ManagedBy { parent_org_id, parent_org_name }

Parent container details

parent_org_id?: string

ID of the parent Organization, if one exists

maxLength32

parent_org_name?: string

Name of the parent Organization, if one exists

settings?: Settings { abuse_contact_email, enforce_twofactor }

Account settings

abuse_contact_email?: string

Sets an abuse contact email to notify for abuse reports.

enforce_twofactor?: boolean

Indicates whether membership in this account requires that Two-Factor Authentication is enabled

AccountDeleteResponse { id }

id: string

Identifier

maxLength32

minLength32

AccountsAccount Organizations

AccountsAccount Profile

AccountsMembers

List Members

client.accounts.members.list(MemberListParams { account_id, direction, order, 3 more } params, RequestOptionsoptions?): V4PagePaginationArray<Member { id, email, policies, 3 more } >

GET/accounts/{account_id}/members

Member Details

client.accounts.members.get(stringmemberId, MemberGetParams { account_id } params, RequestOptionsoptions?): Member { id, email, policies, 3 more }

GET/accounts/{account_id}/members/{member_id}

Add Member

client.accounts.members.create(MemberCreateParamsparams, RequestOptionsoptions?): Member { id, email, policies, 3 more }

POST/accounts/{account_id}/members

Update Member

client.accounts.members.update(stringmemberId, MemberUpdateParamsparams, RequestOptionsoptions?): Member { id, email, policies, 3 more }

PUT/accounts/{account_id}/members/{member_id}

Remove Member

client.accounts.members.delete(stringmemberId, MemberDeleteParams { account_id } params, RequestOptionsoptions?): MemberDeleteResponse { id } | null

DELETE/accounts/{account_id}/members/{member_id}

ModelsExpand Collapse

Status = "member" | "invited"

Whether the user is a member of the organization or has an invitation pending.

One of the following:

"member"

"invited"

MemberDeleteResponse { id }

id: string

Identifier

maxLength32

minLength32

AccountsRoles

List Roles

client.accounts.roles.list(RoleListParams { account_id, page, per_page } params, RequestOptionsoptions?): V4PagePaginationArray<Role { id, description, name, permissions } >

GET/accounts/{account_id}/roles

Role Details

client.accounts.roles.get(stringroleId, RoleGetParams { account_id } params, RequestOptionsoptions?): Role { id, description, name, permissions }

GET/accounts/{account_id}/roles/{role_id}

AccountsSubscriptions

List Subscriptions

client.accounts.subscriptions.get(SubscriptionGetParams { account_id } params, RequestOptionsoptions?): SinglePage<Subscription { id, currency, current_period_end, 5 more } >

GET/accounts/{account_id}/subscriptions

Create Subscription

client.accounts.subscriptions.create(SubscriptionCreateParams { account_id, frequency, rate_plan } params, RequestOptionsoptions?): Subscription { id, currency, current_period_end, 5 more }

POST/accounts/{account_id}/subscriptions

Update Subscription

client.accounts.subscriptions.update(stringsubscriptionIdentifier, SubscriptionUpdateParams { account_id, frequency, rate_plan } params, RequestOptionsoptions?): Subscription { id, currency, current_period_end, 5 more }

PUT/accounts/{account_id}/subscriptions/{subscription_identifier}

Delete Subscription

client.accounts.subscriptions.delete(stringsubscriptionIdentifier, SubscriptionDeleteParams { account_id } params, RequestOptionsoptions?): SubscriptionDeleteResponse { subscription_id }

DELETE/accounts/{account_id}/subscriptions/{subscription_identifier}

ModelsExpand Collapse

SubscriptionDeleteResponse { subscription_id }

subscription_id?: string

Subscription identifier tag.

maxLength32

AccountsTokens

List Tokens

client.accounts.tokens.list(TokenListParams { account_id, direction, page, per_page } params, RequestOptionsoptions?): V4PagePaginationArray<Token { id, condition, expires_on, 7 more } >

GET/accounts/{account_id}/tokens

Token Details

client.accounts.tokens.get(stringtokenId, TokenGetParams { account_id } params, RequestOptionsoptions?): Token { id, condition, expires_on, 7 more }

GET/accounts/{account_id}/tokens/{token_id}

Create Token

client.accounts.tokens.create(TokenCreateParams { account_id, name, policies, 3 more } params, RequestOptionsoptions?): TokenCreateResponse { id, condition, expires_on, 8 more }

POST/accounts/{account_id}/tokens

Update Token

client.accounts.tokens.update(stringtokenId, TokenUpdateParams { account_id, name, policies, 4 more } params, RequestOptionsoptions?): Token { id, condition, expires_on, 7 more }

PUT/accounts/{account_id}/tokens/{token_id}

Delete Token

client.accounts.tokens.delete(stringtokenId, TokenDeleteParams { account_id } params, RequestOptionsoptions?): TokenDeleteResponse { id } | null

DELETE/accounts/{account_id}/tokens/{token_id}

Verify Token

client.accounts.tokens.verify(TokenVerifyParams { account_id } params, RequestOptionsoptions?): TokenVerifyResponse { id, status, expires_on, not_before }

GET/accounts/{account_id}/tokens/verify

ModelsExpand Collapse

TokenCreateResponse { id, condition, expires_on, 8 more }

id?: string

Token identifier tag.

maxLength32

condition?: Condition { request_ip }

request_ip?: RequestIP { in, not_in }

Client IP restrictions.

in?: Array<TokenConditionCIDRList>

List of IPv4/IPv6 CIDR addresses.

not_in?: Array<TokenConditionCIDRList>

List of IPv4/IPv6 CIDR addresses.

expires_on?: string

The expiration time on or after which the JWT MUST NOT be accepted for processing.

formatdate-time

issued_on?: string

The time on which the token was created.

formatdate-time

last_used_on?: string

Last time the token was used.

formatdate-time

modified_on?: string

Last time the token was modified.

formatdate-time

name?: string

Token name.

maxLength120

not_before?: string

The time before which the token MUST NOT be accepted for processing.

formatdate-time

policies?: Array<TokenPolicy { id, effect, permission_groups, resources } >

List of access policies assigned to the token.

id: string

Policy identifier.

effect: "allow" | "deny"

Allow or deny operations against the resources.

One of the following:

"allow"

"deny"

permission_groups: Array<PermissionGroup>

A set of permission groups that are specified to the policy.

id: string

Identifier of the permission group.

meta?: Meta { key, value }

Attributes associated to the permission group.

key?: string

value?: string

name?: string

Name of the permission group.

resources: Record<string, string> | Record<string, Record<string, string>>

A list of resource names that the policy applies to.

One of the following:

Record<string, string>

Record<string, Record<string, string>>

status?: "active" | "disabled" | "expired"

Status of the token.

One of the following:

"active"

"disabled"

"expired"

value?: TokenValue

The token value.

maxLength80

minLength40

TokenDeleteResponse { id }

id: string

Identifier

maxLength32

minLength32

TokenVerifyResponse { id, status, expires_on, not_before }

id: string

Token identifier tag.

maxLength32

status: "active" | "disabled" | "expired"

Status of the token.

One of the following:

"active"

"disabled"

"expired"

expires_on?: string

The expiration time on or after which the JWT MUST NOT be accepted for processing.

formatdate-time

not_before?: string

The time before which the token MUST NOT be accepted for processing.

formatdate-time

AccountsTokensPermission Groups

List Permission Groups

client.accounts.tokens.permissionGroups.list(PermissionGroupListParams { account_id, name, scope } params, RequestOptionsoptions?): SinglePage<PermissionGroupListResponse { id, name, scopes } >

GET/accounts/{account_id}/tokens/permission_groups

List Permission Groups

client.accounts.tokens.permissionGroups.get(PermissionGroupGetParams { account_id, name, scope } params, RequestOptionsoptions?): PermissionGroupGetResponse { id, name, scopes }

GET/accounts/{account_id}/tokens/permission_groups

ModelsExpand Collapse

PermissionGroupListResponse { id, name, scopes }

id?: string

Public ID.

name?: string

Permission Group Name

scopes?: Array<"com.cloudflare.api.account" | "com.cloudflare.api.account.zone" | "com.cloudflare.api.user" | "com.cloudflare.edge.r2.bucket">

Resources to which the Permission Group is scoped

One of the following:

"com.cloudflare.api.account"

"com.cloudflare.api.account.zone"

"com.cloudflare.api.user"

"com.cloudflare.edge.r2.bucket"

PermissionGroupGetResponse = Array<PermissionGroupGetResponseItem>

id?: string

Public ID.

name?: string

Permission Group Name

scopes?: Array<"com.cloudflare.api.account" | "com.cloudflare.api.account.zone" | "com.cloudflare.api.user" | "com.cloudflare.edge.r2.bucket">

Resources to which the Permission Group is scoped

One of the following:

"com.cloudflare.api.account"

"com.cloudflare.api.account.zone"

"com.cloudflare.api.user"

"com.cloudflare.edge.r2.bucket"

AccountsTokensValue

Roll Token

client.accounts.tokens.value.update(stringtokenId, ValueUpdateParams { account_id, body } params, RequestOptionsoptions?): TokenValue

PUT/accounts/{account_id}/tokens/{token_id}/value

AccountsLogs

AccountsLogsAudit

Get account audit logs (Version 2)

client.accounts.logs.audit.list(AuditListParams { account_id, before, since, 25 more } params, RequestOptionsoptions?): CursorPaginationAfter<AuditListResponse { id, account, action, 4 more } >

GET/accounts/{account_id}/logs/audit

ModelsExpand Collapse

AuditListResponse { id, account, action, 4 more }

id?: string

A unique identifier for the audit log entry.

maxLength32

account?: Account { id, name }

Contains account related information.

id?: string

A unique identifier for the account.

name?: string

A string that identifies the account name.

action?: Action { description, result, time, type }

Provides information about the action performed.

description?: string

A short description of the action performed.

result?: string

The result of the action, indicating success or failure.

time?: string

A timestamp indicating when the action was logged.

formatdate-time

type?: string

A short string that describes the action that was performed.

actor?: Actor { id, context, email, 4 more }

Provides details about the actor who performed the action.

id?: string

The ID of the actor who performed the action. If a user performed the action, this will be their User ID.

context?: "api_key" | "api_token" | "dash" | 2 more

One of the following:

"api_key"

"api_token"

"dash"

"oauth"

"origin_ca_key"

email?: string

The email of the actor who performed the action.

formatemail

ip_address?: string

The IP address of the request that performed the action.

token_id?: string

The API token ID when the actor context is an api_token or oauth.

token_name?: string

The API token name when the actor context is an api_token or oauth.

type?: "account" | "cloudflare_admin" | "system" | "user"

The type of actor.

One of the following:

"account"

"cloudflare_admin"

"system"

"user"

raw?: Raw { cf_ray_id, method, status_code, 2 more }

Provides raw information about the request and response.

cf_ray_id?: string

The Cloudflare Ray ID for the request.

method?: string

The HTTP method of the request.

status_code?: number

The HTTP response status code returned by the API.

uri?: string

The URI of the request.

user_agent?: string

The client's user agent string sent with the request.

resource?: Resource { id, product, request, 3 more }

Provides details about the affected resource.

id?: string

The unique identifier for the affected resource.

product?: string

The Cloudflare product associated with the resource.

request?: unknown

response?: unknown

scope?: unknown

The scope of the resource.

type?: string

The type of the resource.

zone?: Zone { id, name }

Provides details about the zone affected by the action.

id?: string

A string that identifies the zone id.

name?: string

A string that identifies the zone name.