API Reference

Accounts

Members

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Add Member

client.accounts.members.create(MemberCreateParamsparams, RequestOptionsoptions?): Member { id, email, policies, 3 more }

POST/accounts/{account_id}/members

Add a user to the list of members for this account.

Security

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

SCIM ProvisioningAccount Settings Write

ParametersExpand Collapse

MemberCreateParams = IAMCreateMemberWithRoles | IAMCreateMemberWithPolicies

MemberCreateParamsBase

IAMCreateMemberWithRoles extends MemberCreateParamsBase

IAMCreateMemberWithPolicies extends MemberCreateParamsBase

ReturnsExpand Collapse

Member { id, email, policies, 3 more }

id?: string

Membership identifier tag.

maxLength32

email?: string

The contact email address of the user.

maxLength90

policies?: Array<Policy>

Access policy for the membership

id?: string

Policy identifier.

access?: "allow" | "deny"

Allow or deny operations against the resources.

One of the following:

"allow"

"deny"

permission_groups?: Array<PermissionGroup>

A set of permission groups that are specified to the policy.

id: string

Identifier of the permission group.

meta?: Meta { key, value }

Attributes associated to the permission group.

key?: string

value?: string

name?: string

Name of the permission group.

resource_groups?: Array<ResourceGroup>

A list of resource groups that the policy applies to.

id: string

Identifier of the resource group.

scope: Array<Scope>

The scope associated to the resource group

key: string

This is a combination of pre-defined resource name and identifier (like Account ID etc.)

objects: Array<Object>

A list of scope objects for additional context.

key: string

This is a combination of pre-defined resource name and identifier (like Zone ID etc.)

meta?: Meta { key, value }

Attributes associated to the resource group.

key?: string

value?: string

name?: string

Name of the resource group.

roles?: Array<Role { id, description, name, permissions } >

Roles assigned to this Member.

id: string

Role identifier tag.

maxLength32

description: string

Description of role's permissions.

name: string

Role name.

maxLength120

permissions: Permissions { analytics, billing, cache_purge, 9 more }

analytics?: PermissionGrant { read, write }

read?: boolean

write?: boolean

billing?: PermissionGrant { read, write }

read?: boolean

write?: boolean

cache_purge?: PermissionGrant { read, write }

read?: boolean

write?: boolean

dns?: PermissionGrant { read, write }

read?: boolean

write?: boolean

dns_records?: PermissionGrant { read, write }

read?: boolean

write?: boolean

lb?: PermissionGrant { read, write }

read?: boolean

write?: boolean

logs?: PermissionGrant { read, write }

read?: boolean

write?: boolean

organization?: PermissionGrant { read, write }

read?: boolean

write?: boolean

ssl?: PermissionGrant { read, write }

read?: boolean

write?: boolean

waf?: PermissionGrant { read, write }

read?: boolean

write?: boolean

zone_settings?: PermissionGrant { read, write }

read?: boolean

write?: boolean

zones?: PermissionGrant { read, write }

read?: boolean

write?: boolean

status?: "accepted" | "pending"

A member's status in the account.

One of the following:

"accepted"

"pending"

user?: User { email, id, first_name, 2 more }

Details of the user associated to the membership.

email: string

The contact email address of the user.

maxLength90

id?: string

Identifier

maxLength32

minLength32

first_name?: string | null

User's first name

maxLength60

last_name?: string | null

User's last name

maxLength60

two_factor_authentication_enabled?: boolean

Indicates whether two-factor authentication is enabled for the user account. Does not apply to API authentication.

Add Member

TypeScript

HTTP

TypeScript

Python

Go

Terraform

import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const member = await client.accounts.members.create({
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
  email: 'user@example.com',
  roles: ['3536bcfad5faccb999b47003c79917fb'],
});

console.log(member.id);

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "4536bcfad5faccb111b47003c79917fa",
    "email": "user@example.com",
    "policies": [
      {
        "id": "f267e341f3dd4697bd3b9f71dd96247f",
        "access": "allow",
        "permission_groups": [
          {
            "id": "c8fed203ed3043cba015a93ad1616f1f",
            "meta": {
              "key": "key",
              "value": "value"
            },
            "name": "Zone Read"
          },
          {
            "id": "82e64a83756745bbbb1c9c2701bf816b",
            "meta": {
              "key": "key",
              "value": "value"
            },
            "name": "Magic Network Monitoring"
          }
        ],
        "resource_groups": [
          {
            "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1",
            "scope": [
              {
                "key": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4",
                "objects": [
                  {
                    "key": "com.cloudflare.api.account.zone.23f8d65290b24279ba6f44721b3eaad5"
                  }
                ]
              }
            ],
            "meta": {
              "key": "key",
              "value": "value"
            },
            "name": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4"
          }
        ]
      }
    ],
    "roles": [
      {
        "id": "3536bcfad5faccb999b47003c79917fb",
        "description": "Administrative access to the entire Account",
        "name": "Account Administrator",
        "permissions": {
          "analytics": {
            "read": true,
            "write": false
          },
          "billing": {
            "read": true,
            "write": false
          },
          "cache_purge": {
            "read": true,
            "write": false
          },
          "dns": {
            "read": true,
            "write": false
          },
          "dns_records": {
            "read": true,
            "write": false
          },
          "lb": {
            "read": true,
            "write": false
          },
          "logs": {
            "read": true,
            "write": false
          },
          "organization": {
            "read": true,
            "write": false
          },
          "ssl": {
            "read": true,
            "write": false
          },
          "waf": {
            "read": true,
            "write": false
          },
          "zone_settings": {
            "read": true,
            "write": false
          },
          "zones": {
            "read": true,
            "write": true
          }
        }
      }
    ],
    "status": "accepted",
    "user": {
      "email": "user@example.com",
      "id": "023e105f4ecef8ad9ca31a8372d0c353",
      "first_name": "John",
      "last_name": "Appleseed",
      "two_factor_authentication_enabled": true
    }
  }
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "4536bcfad5faccb111b47003c79917fa",
    "email": "user@example.com",
    "policies": [
      {
        "id": "f267e341f3dd4697bd3b9f71dd96247f",
        "access": "allow",
        "permission_groups": [
          {
            "id": "c8fed203ed3043cba015a93ad1616f1f",
            "meta": {
              "key": "key",
              "value": "value"
            },
            "name": "Zone Read"
          },
          {
            "id": "82e64a83756745bbbb1c9c2701bf816b",
            "meta": {
              "key": "key",
              "value": "value"
            },
            "name": "Magic Network Monitoring"
          }
        ],
        "resource_groups": [
          {
            "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1",
            "scope": [
              {
                "key": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4",
                "objects": [
                  {
                    "key": "com.cloudflare.api.account.zone.23f8d65290b24279ba6f44721b3eaad5"
                  }
                ]
              }
            ],
            "meta": {
              "key": "key",
              "value": "value"
            },
            "name": "com.cloudflare.api.account.eb78d65290b24279ba6f44721b3ea3c4"
          }
        ]
      }
    ],
    "roles": [
      {
        "id": "3536bcfad5faccb999b47003c79917fb",
        "description": "Administrative access to the entire Account",
        "name": "Account Administrator",
        "permissions": {
          "analytics": {
            "read": true,
            "write": false
          },
          "billing": {
            "read": true,
            "write": false
          },
          "cache_purge": {
            "read": true,
            "write": false
          },
          "dns": {
            "read": true,
            "write": false
          },
          "dns_records": {
            "read": true,
            "write": false
          },
          "lb": {
            "read": true,
            "write": false
          },
          "logs": {
            "read": true,
            "write": false
          },
          "organization": {
            "read": true,
            "write": false
          },
          "ssl": {
            "read": true,
            "write": false
          },
          "waf": {
            "read": true,
            "write": false
          },
          "zone_settings": {
            "read": true,
            "write": false
          },
          "zones": {
            "read": true,
            "write": true
          }
        }
      }
    ],
    "status": "accepted",
    "user": {
      "email": "user@example.com",
      "id": "023e105f4ecef8ad9ca31a8372d0c353",
      "first_name": "John",
      "last_name": "Appleseed",
      "two_factor_authentication_enabled": true
    }
  }
}