# Tokens ## List Tokens `client.accounts.tokens.list(TokenListParamsparams, RequestOptionsoptions?): V4PagePaginationArray` **get** `/accounts/{account_id}/tokens` List all Account Owned API tokens created for this account. ### Parameters - `params: TokenListParams` - `account_id: string` Path param: Account identifier tag. - `direction?: "asc" | "desc"` Query param: Direction to order results. - `"asc"` - `"desc"` - `page?: number` Query param: Page number of paginated results. - `per_page?: number` Query param: Maximum number of results per page. ### Returns - `Token` - `id?: string` Token identifier tag. - `condition?: Condition` - `request_ip?: RequestIP` Client IP restrictions. - `in?: Array` List of IPv4/IPv6 CIDR addresses. - `not_in?: Array` List of IPv4/IPv6 CIDR addresses. - `expires_on?: string` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `issued_on?: string` The time on which the token was created. - `last_used_on?: string` Last time the token was used. - `modified_on?: string` Last time the token was modified. - `name?: string` Token name. - `not_before?: string` The time before which the token MUST NOT be accepted for processing. - `policies?: Array` List of access policies assigned to the token. - `id: string` Policy identifier. - `effect: "allow" | "deny"` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: Array` A set of permission groups that are specified to the policy. - `id: string` Identifier of the permission group. - `meta?: Meta` Attributes associated to the permission group. - `key?: string` - `value?: string` - `name?: string` Name of the permission group. - `resources: Record | Record>` A list of resource names that the policy applies to. - `Record` - `Record>` - `status?: "active" | "disabled" | "expired"` Status of the token. - `"active"` - `"disabled"` - `"expired"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const token of client.accounts.tokens.list({ account_id: '023e105f4ecef8ad9ca31a8372d0c353', })) { console.log(token.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "ed17574386854bf78a67040be0a770b0", "condition": { "request_ip": { "in": [ "123.123.123.0/24", "2606:4700::/32" ], "not_in": [ "123.123.123.100/24", "2606:4700:4700::/48" ] } }, "expires_on": "2020-01-01T00:00:00Z", "issued_on": "2018-07-01T05:20:00Z", "last_used_on": "2020-01-02T12:34:00Z", "modified_on": "2018-07-02T05:20:00Z", "name": "readonly token", "not_before": "2018-07-01T05:20:00Z", "policies": [ { "id": "f267e341f3dd4697bd3b9f71dd96247f", "effect": "allow", "permission_groups": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "resources": { "foo": "string" } } ], "status": "active" } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Token Details `client.accounts.tokens.get(stringtokenId, TokenGetParamsparams, RequestOptionsoptions?): Token` **get** `/accounts/{account_id}/tokens/{token_id}` Get information about a specific Account Owned API token. ### Parameters - `tokenId: string` Token identifier tag. - `params: TokenGetParams` - `account_id: string` Account identifier tag. ### Returns - `Token` - `id?: string` Token identifier tag. - `condition?: Condition` - `request_ip?: RequestIP` Client IP restrictions. - `in?: Array` List of IPv4/IPv6 CIDR addresses. - `not_in?: Array` List of IPv4/IPv6 CIDR addresses. - `expires_on?: string` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `issued_on?: string` The time on which the token was created. - `last_used_on?: string` Last time the token was used. - `modified_on?: string` Last time the token was modified. - `name?: string` Token name. - `not_before?: string` The time before which the token MUST NOT be accepted for processing. - `policies?: Array` List of access policies assigned to the token. - `id: string` Policy identifier. - `effect: "allow" | "deny"` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: Array` A set of permission groups that are specified to the policy. - `id: string` Identifier of the permission group. - `meta?: Meta` Attributes associated to the permission group. - `key?: string` - `value?: string` - `name?: string` Name of the permission group. - `resources: Record | Record>` A list of resource names that the policy applies to. - `Record` - `Record>` - `status?: "active" | "disabled" | "expired"` Status of the token. - `"active"` - `"disabled"` - `"expired"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const token = await client.accounts.tokens.get('ed17574386854bf78a67040be0a770b0', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(token.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "ed17574386854bf78a67040be0a770b0", "condition": { "request_ip": { "in": [ "123.123.123.0/24", "2606:4700::/32" ], "not_in": [ "123.123.123.100/24", "2606:4700:4700::/48" ] } }, "expires_on": "2020-01-01T00:00:00Z", "issued_on": "2018-07-01T05:20:00Z", "last_used_on": "2020-01-02T12:34:00Z", "modified_on": "2018-07-02T05:20:00Z", "name": "readonly token", "not_before": "2018-07-01T05:20:00Z", "policies": [ { "id": "f267e341f3dd4697bd3b9f71dd96247f", "effect": "allow", "permission_groups": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "resources": { "foo": "string" } } ], "status": "active" } } ``` ## Create Token `client.accounts.tokens.create(TokenCreateParamsparams, RequestOptionsoptions?): TokenCreateResponse` **post** `/accounts/{account_id}/tokens` Create a new Account Owned API token. ### Parameters - `params: TokenCreateParams` - `account_id: string` Path param: Account identifier tag. - `name: string` Body param: Token name. - `policies: Array` Body param: List of access policies assigned to the token. - `id: string` Policy identifier. - `effect: "allow" | "deny"` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: Array` A set of permission groups that are specified to the policy. - `id: string` Identifier of the permission group. - `meta?: Meta` Attributes associated to the permission group. - `key?: string` - `value?: string` - `name?: string` Name of the permission group. - `resources: Record | Record>` A list of resource names that the policy applies to. - `Record` - `Record>` - `condition?: Condition` Body param - `request_ip?: RequestIP` Client IP restrictions. - `in?: Array` List of IPv4/IPv6 CIDR addresses. - `not_in?: Array` List of IPv4/IPv6 CIDR addresses. - `expires_on?: string` Body param: The expiration time on or after which the JWT MUST NOT be accepted for processing. - `not_before?: string` Body param: The time before which the token MUST NOT be accepted for processing. ### Returns - `TokenCreateResponse` - `id?: string` Token identifier tag. - `condition?: Condition` - `request_ip?: RequestIP` Client IP restrictions. - `in?: Array` List of IPv4/IPv6 CIDR addresses. - `not_in?: Array` List of IPv4/IPv6 CIDR addresses. - `expires_on?: string` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `issued_on?: string` The time on which the token was created. - `last_used_on?: string` Last time the token was used. - `modified_on?: string` Last time the token was modified. - `name?: string` Token name. - `not_before?: string` The time before which the token MUST NOT be accepted for processing. - `policies?: Array` List of access policies assigned to the token. - `id: string` Policy identifier. - `effect: "allow" | "deny"` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: Array` A set of permission groups that are specified to the policy. - `id: string` Identifier of the permission group. - `meta?: Meta` Attributes associated to the permission group. - `key?: string` - `value?: string` - `name?: string` Name of the permission group. - `resources: Record | Record>` A list of resource names that the policy applies to. - `Record` - `Record>` - `status?: "active" | "disabled" | "expired"` Status of the token. - `"active"` - `"disabled"` - `"expired"` - `value?: TokenValue` The token value. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const token = await client.accounts.tokens.create({ account_id: '023e105f4ecef8ad9ca31a8372d0c353', name: 'readonly token', policies: [ { effect: 'allow', permission_groups: [ { id: 'c8fed203ed3043cba015a93ad1616f1f' }, { id: '82e64a83756745bbbb1c9c2701bf816b' }, ], resources: { foo: 'string' }, }, ], }); console.log(token.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "ed17574386854bf78a67040be0a770b0", "condition": { "request_ip": { "in": [ "123.123.123.0/24", "2606:4700::/32" ], "not_in": [ "123.123.123.100/24", "2606:4700:4700::/48" ] } }, "expires_on": "2020-01-01T00:00:00Z", "issued_on": "2018-07-01T05:20:00Z", "last_used_on": "2020-01-02T12:34:00Z", "modified_on": "2018-07-02T05:20:00Z", "name": "readonly token", "not_before": "2018-07-01T05:20:00Z", "policies": [ { "id": "f267e341f3dd4697bd3b9f71dd96247f", "effect": "allow", "permission_groups": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "resources": { "foo": "string" } } ], "status": "active", "value": "8M7wS6hCpXVc-DoRnPPY_UCWPgy8aea4Wy6kCe5T" } } ``` ## Update Token `client.accounts.tokens.update(stringtokenId, TokenUpdateParamsparams, RequestOptionsoptions?): Token` **put** `/accounts/{account_id}/tokens/{token_id}` Update an existing token. ### Parameters - `tokenId: string` Token identifier tag. - `params: TokenUpdateParams` - `account_id: string` Path param: Account identifier tag. - `name: string` Body param: Token name. - `policies: Array` Body param: List of access policies assigned to the token. - `id: string` Policy identifier. - `effect: "allow" | "deny"` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: Array` A set of permission groups that are specified to the policy. - `id: string` Identifier of the permission group. - `meta?: Meta` Attributes associated to the permission group. - `key?: string` - `value?: string` - `name?: string` Name of the permission group. - `resources: Record | Record>` A list of resource names that the policy applies to. - `Record` - `Record>` - `condition?: Condition` Body param - `request_ip?: RequestIP` Client IP restrictions. - `in?: Array` List of IPv4/IPv6 CIDR addresses. - `not_in?: Array` List of IPv4/IPv6 CIDR addresses. - `expires_on?: string` Body param: The expiration time on or after which the JWT MUST NOT be accepted for processing. - `not_before?: string` Body param: The time before which the token MUST NOT be accepted for processing. - `status?: "active" | "disabled" | "expired"` Body param: Status of the token. - `"active"` - `"disabled"` - `"expired"` ### Returns - `Token` - `id?: string` Token identifier tag. - `condition?: Condition` - `request_ip?: RequestIP` Client IP restrictions. - `in?: Array` List of IPv4/IPv6 CIDR addresses. - `not_in?: Array` List of IPv4/IPv6 CIDR addresses. - `expires_on?: string` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `issued_on?: string` The time on which the token was created. - `last_used_on?: string` Last time the token was used. - `modified_on?: string` Last time the token was modified. - `name?: string` Token name. - `not_before?: string` The time before which the token MUST NOT be accepted for processing. - `policies?: Array` List of access policies assigned to the token. - `id: string` Policy identifier. - `effect: "allow" | "deny"` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: Array` A set of permission groups that are specified to the policy. - `id: string` Identifier of the permission group. - `meta?: Meta` Attributes associated to the permission group. - `key?: string` - `value?: string` - `name?: string` Name of the permission group. - `resources: Record | Record>` A list of resource names that the policy applies to. - `Record` - `Record>` - `status?: "active" | "disabled" | "expired"` Status of the token. - `"active"` - `"disabled"` - `"expired"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const token = await client.accounts.tokens.update('ed17574386854bf78a67040be0a770b0', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', name: 'readonly token', policies: [ { effect: 'allow', permission_groups: [ { id: 'c8fed203ed3043cba015a93ad1616f1f' }, { id: '82e64a83756745bbbb1c9c2701bf816b' }, ], resources: { foo: 'string' }, }, ], }); console.log(token.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "ed17574386854bf78a67040be0a770b0", "condition": { "request_ip": { "in": [ "123.123.123.0/24", "2606:4700::/32" ], "not_in": [ "123.123.123.100/24", "2606:4700:4700::/48" ] } }, "expires_on": "2020-01-01T00:00:00Z", "issued_on": "2018-07-01T05:20:00Z", "last_used_on": "2020-01-02T12:34:00Z", "modified_on": "2018-07-02T05:20:00Z", "name": "readonly token", "not_before": "2018-07-01T05:20:00Z", "policies": [ { "id": "f267e341f3dd4697bd3b9f71dd96247f", "effect": "allow", "permission_groups": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "resources": { "foo": "string" } } ], "status": "active" } } ``` ## Delete Token `client.accounts.tokens.delete(stringtokenId, TokenDeleteParamsparams, RequestOptionsoptions?): TokenDeleteResponse | null` **delete** `/accounts/{account_id}/tokens/{token_id}` Destroy an Account Owned API token. ### Parameters - `tokenId: string` Token identifier tag. - `params: TokenDeleteParams` - `account_id: string` Account identifier tag. ### Returns - `TokenDeleteResponse` - `id: string` Identifier ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const token = await client.accounts.tokens.delete('ed17574386854bf78a67040be0a770b0', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(token.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353" } } ``` ## Verify Token `client.accounts.tokens.verify(TokenVerifyParamsparams, RequestOptionsoptions?): TokenVerifyResponse` **get** `/accounts/{account_id}/tokens/verify` Test whether a token works. ### Parameters - `params: TokenVerifyParams` - `account_id: string` Account identifier tag. ### Returns - `TokenVerifyResponse` - `id: string` Token identifier tag. - `status: "active" | "disabled" | "expired"` Status of the token. - `"active"` - `"disabled"` - `"expired"` - `expires_on?: string` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `not_before?: string` The time before which the token MUST NOT be accepted for processing. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const response = await client.accounts.tokens.verify({ account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(response.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "ed17574386854bf78a67040be0a770b0", "status": "active", "expires_on": "2020-01-01T00:00:00Z", "not_before": "2018-07-01T05:20:00Z" } } ``` ## Domain Types ### Token Create Response - `TokenCreateResponse` - `id?: string` Token identifier tag. - `condition?: Condition` - `request_ip?: RequestIP` Client IP restrictions. - `in?: Array` List of IPv4/IPv6 CIDR addresses. - `not_in?: Array` List of IPv4/IPv6 CIDR addresses. - `expires_on?: string` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `issued_on?: string` The time on which the token was created. - `last_used_on?: string` Last time the token was used. - `modified_on?: string` Last time the token was modified. - `name?: string` Token name. - `not_before?: string` The time before which the token MUST NOT be accepted for processing. - `policies?: Array` List of access policies assigned to the token. - `id: string` Policy identifier. - `effect: "allow" | "deny"` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: Array` A set of permission groups that are specified to the policy. - `id: string` Identifier of the permission group. - `meta?: Meta` Attributes associated to the permission group. - `key?: string` - `value?: string` - `name?: string` Name of the permission group. - `resources: Record | Record>` A list of resource names that the policy applies to. - `Record` - `Record>` - `status?: "active" | "disabled" | "expired"` Status of the token. - `"active"` - `"disabled"` - `"expired"` - `value?: TokenValue` The token value. ### Token Delete Response - `TokenDeleteResponse` - `id: string` Identifier ### Token Verify Response - `TokenVerifyResponse` - `id: string` Token identifier tag. - `status: "active" | "disabled" | "expired"` Status of the token. - `"active"` - `"disabled"` - `"expired"` - `expires_on?: string` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `not_before?: string` The time before which the token MUST NOT be accepted for processing. # Permission Groups ## List Permission Groups `client.accounts.tokens.permissionGroups.list(PermissionGroupListParamsparams, RequestOptionsoptions?): SinglePage` **get** `/accounts/{account_id}/tokens/permission_groups` Find all available permission groups for Account Owned API Tokens ### Parameters - `params: PermissionGroupListParams` - `account_id: string` Path param: Account identifier tag. - `name?: string` Query param: Filter by the name of the permission group. The value must be URL-encoded. - `scope?: string` Query param: Filter by the scope of the permission group. The value must be URL-encoded. ### Returns - `PermissionGroupListResponse` - `id?: string` Public ID. - `name?: string` Permission Group Name - `scopes?: Array<"com.cloudflare.api.account" | "com.cloudflare.api.account.zone" | "com.cloudflare.api.user" | "com.cloudflare.edge.r2.bucket">` Resources to which the Permission Group is scoped - `"com.cloudflare.api.account"` - `"com.cloudflare.api.account.zone"` - `"com.cloudflare.api.user"` - `"com.cloudflare.edge.r2.bucket"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const permissionGroupListResponse of client.accounts.tokens.permissionGroups.list({ account_id: '023e105f4ecef8ad9ca31a8372d0c353', })) { console.log(permissionGroupListResponse.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "7cf72faf220841aabcfdfab81c43c4f6", "name": "Billing Read", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "9d24387c6e8544e2bc4024a03991339f", "name": "Load Balancing: Monitors and Pools Read", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "d2a1802cc9a34e30852f8b33869b2f3c", "name": "Load Balancing: Monitors and Pools Write", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "8b47d2786a534c08a1f94ee8f9f599ef", "name": "Workers KV Storage Read", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "f7f0eda5697f475c90846e879bab8666", "name": "Workers KV Storage Write", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "1a71c399035b4950a1bd1466bbe4f420", "name": "Workers Scripts Read", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "e086da7e2179491d91ee5f35b3ca210a", "name": "Workers Scripts Write", "scopes": [ "com.cloudflare.api.account" ] } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## List Permission Groups `client.accounts.tokens.permissionGroups.get(PermissionGroupGetParamsparams, RequestOptionsoptions?): PermissionGroupGetResponse` **get** `/accounts/{account_id}/tokens/permission_groups` Find all available permission groups for Account Owned API Tokens ### Parameters - `params: PermissionGroupGetParams` - `account_id: string` Path param: Account identifier tag. - `name?: string` Query param: Filter by the name of the permission group. The value must be URL-encoded. - `scope?: string` Query param: Filter by the scope of the permission group. The value must be URL-encoded. ### Returns - `PermissionGroupGetResponse = Array` - `id?: string` Public ID. - `name?: string` Permission Group Name - `scopes?: Array<"com.cloudflare.api.account" | "com.cloudflare.api.account.zone" | "com.cloudflare.api.user" | "com.cloudflare.edge.r2.bucket">` Resources to which the Permission Group is scoped - `"com.cloudflare.api.account"` - `"com.cloudflare.api.account.zone"` - `"com.cloudflare.api.user"` - `"com.cloudflare.edge.r2.bucket"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const permissionGroups = await client.accounts.tokens.permissionGroups.get({ account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(permissionGroups); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "7cf72faf220841aabcfdfab81c43c4f6", "name": "Billing Read", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "9d24387c6e8544e2bc4024a03991339f", "name": "Load Balancing: Monitors and Pools Read", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "d2a1802cc9a34e30852f8b33869b2f3c", "name": "Load Balancing: Monitors and Pools Write", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "8b47d2786a534c08a1f94ee8f9f599ef", "name": "Workers KV Storage Read", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "f7f0eda5697f475c90846e879bab8666", "name": "Workers KV Storage Write", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "1a71c399035b4950a1bd1466bbe4f420", "name": "Workers Scripts Read", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "e086da7e2179491d91ee5f35b3ca210a", "name": "Workers Scripts Write", "scopes": [ "com.cloudflare.api.account" ] } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Domain Types ### Permission Group List Response - `PermissionGroupListResponse` - `id?: string` Public ID. - `name?: string` Permission Group Name - `scopes?: Array<"com.cloudflare.api.account" | "com.cloudflare.api.account.zone" | "com.cloudflare.api.user" | "com.cloudflare.edge.r2.bucket">` Resources to which the Permission Group is scoped - `"com.cloudflare.api.account"` - `"com.cloudflare.api.account.zone"` - `"com.cloudflare.api.user"` - `"com.cloudflare.edge.r2.bucket"` ### Permission Group Get Response - `PermissionGroupGetResponse = Array` - `id?: string` Public ID. - `name?: string` Permission Group Name - `scopes?: Array<"com.cloudflare.api.account" | "com.cloudflare.api.account.zone" | "com.cloudflare.api.user" | "com.cloudflare.edge.r2.bucket">` Resources to which the Permission Group is scoped - `"com.cloudflare.api.account"` - `"com.cloudflare.api.account.zone"` - `"com.cloudflare.api.user"` - `"com.cloudflare.edge.r2.bucket"` # Value ## Roll Token `client.accounts.tokens.value.update(stringtokenId, ValueUpdateParamsparams, RequestOptionsoptions?): TokenValue` **put** `/accounts/{account_id}/tokens/{token_id}/value` Roll the Account Owned API token secret. ### Parameters - `tokenId: string` Token identifier tag. - `params: ValueUpdateParams` - `account_id: string` Path param: Account identifier tag. - `body: unknown` Body param ### Returns - `TokenValue = string` The token value. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const tokenValue = await client.accounts.tokens.value.update('ed17574386854bf78a67040be0a770b0', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', body: {}, }); console.log(tokenValue); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": "8M7wS6hCpXVc-DoRnPPY_UCWPgy8aea4Wy6kCe5T" } ```