Cloudflare API | Accounts › Tokens

Delete a specific account (only available for tenant admins at this time). This is a permanent operation that will delete any zones or other resources under the account

Domain types

Account{…}

Accounts

Logs

Accounts.Logs

Accounts Logs

Audit

Accounts.Logs.Audit

Methods

client.accounts.logs.audit.list(, ):

CursorPaginationAfter

AuditListResponse

get/accounts/{account_id}/logs/audit

Gets a list of audit logs for an account.

This is the beta release of Audit Logs Version 2. Since this is a beta version, there may be gaps or missing entries in the available audit logs. Be aware of the following limitations.

Audit logs are available only for the past 30 days.
Error handling is not yet implemented.

Accounts

Members

Accounts.Members

Methods

client.accounts.members.list(, ):

V4PagePaginationArray

Member

get/accounts/{account_id}/members

List all members of an account.

client.accounts.members.get(, , ):

Member

get/accounts/{account_id}/members/{member_id}

Get information about a specific member of an account.

client.accounts.members.create(, ):

Member

post/accounts/{account_id}/members

Add a user to the list of members for this account.

client.accounts.members.update(, , ):

Member

put/accounts/{account_id}/members/{member_id}

Modify an account member.

client.accounts.members.delete(, , ):

MemberDeleteResponse

| null

delete/accounts/{account_id}/members/{member_id}

Remove a member from an account.

Domain types

Status = "member" | "invited"

Whether the user is a member of the organization or has an invitation pending.

Accounts

Roles

Accounts.Roles

Methods

client.accounts.roles.list(, ):

V4PagePaginationArray

Role

get/accounts/{account_id}/roles

Get all available roles for an account.

client.accounts.roles.get(, , ):

Role

get/accounts/{account_id}/roles/{role_id}

Get information about a specific role for an account.

Accounts

Subscriptions

Accounts.Subscriptions

Methods

client.accounts.subscriptions.get(, ):

SinglePage

Subscription

get/accounts/{account_id}/subscriptions

Lists all of an account's subscriptions.

client.accounts.subscriptions.create(, ):

Subscription

post/accounts/{account_id}/subscriptions

Creates an account subscription.

client.accounts.subscriptions.update(, , ):

Subscription

put/accounts/{account_id}/subscriptions/{subscription_identifier}

Updates an account subscription.

client.accounts.subscriptions.delete(, , ):

SubscriptionDeleteResponse

delete/accounts/{account_id}/subscriptions/{subscription_identifier}

Deletes an account's subscription.

Accounts

Tokens

Accounts.Tokens

Methods

client.accounts.tokens.list(, ):

V4PagePaginationArray

Token

get/accounts/{account_id}/tokens

List all Account Owned API tokens created for this account.

client.accounts.tokens.get(, , ):

Token

get/accounts/{account_id}/tokens/{token_id}

Get information about a specific Account Owned API token.

client.accounts.tokens.create(, ):

TokenCreateResponse

post/accounts/{account_id}/tokens

Create a new Account Owned API token.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example: Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

Accepted Permissions (at least one required)

Account API Tokens Write

Parameters

params:

TokenCreateParams

account_id: string

(maxLength: 32, minLength: 32)

Path param: Account identifier tag.

name: string

(maxLength: 120)

Body param: Token name.

policies: Array<

TokenPolicy

Body param: List of access policies assigned to the token.

condition?:

Condition

Body param

expires_on?: string

(format: date-time)

Body param: The expiration time on or after which the JWT MUST NOT be accepted for processing.

not_before?: string

(format: date-time)

Body param: The time before which the token MUST NOT be accepted for processing.

Returns

TokenCreateResponse{

id?: string

(maxLength: 32)

Token identifier tag.

condition?:

Condition

expires_on?: string

(format: date-time)

The expiration time on or after which the JWT MUST NOT be accepted for processing.

issued_on?: string

(format: date-time)

The time on which the token was created.

last_used_on?: string

(format: date-time)

Last time the token was used.

modified_on?: string

(format: date-time)

Last time the token was modified.

name?: string

(maxLength: 120)

Token name.

not_before?: string

(format: date-time)

The time before which the token MUST NOT be accepted for processing.

policies?: Array<

TokenPolicy

List of access policies assigned to the token.

status?: "active" | "disabled" | "expired"

Status of the token.

value?:

TokenValue

(maxLength: 80, minLength: 40)

The token value.

Request example

import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const token = await client.accounts.tokens.create({
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
  name: 'readonly token',
  policies: [
    {
      effect: 'allow',
      permission_groups: [
        { id: 'c8fed203ed3043cba015a93ad1616f1f' },
        { id: '82e64a83756745bbbb1c9c2701bf816b' },
      ],
      resources: { foo: 'string' },
    },
  ],
});

console.log(token.id);

200Example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "ed17574386854bf78a67040be0a770b0",
    "condition": {
      "request_ip": {
        "in": [
          "123.123.123.0/24",
          "2606:4700::/32"
        ],
        "not_in": [
          "123.123.123.100/24",
          "2606:4700:4700::/48"
        ]
      }
    },
    "expires_on": "2020-01-01T00:00:00Z",
    "issued_on": "2018-07-01T05:20:00Z",
    "last_used_on": "2020-01-02T12:34:00Z",
    "modified_on": "2018-07-02T05:20:00Z",
    "name": "readonly token",
    "not_before": "2018-07-01T05:20:00Z",
    "policies": [
      {
        "id": "f267e341f3dd4697bd3b9f71dd96247f",
        "effect": "allow",
        "permission_groups": [
          {
            "id": "c8fed203ed3043cba015a93ad1616f1f",
            "meta": {
              "key": "key",
              "value": "value"
            },
            "name": "Zone Read"
          },
          {
            "id": "82e64a83756745bbbb1c9c2701bf816b",
            "meta": {
              "key": "key",
              "value": "value"
            },
            "name": "Magic Network Monitoring"
          }
        ],
        "resources": {
          "foo": "string"
        }
      }
    ],
    "status": "active",
    "value": "8M7wS6hCpXVc-DoRnPPY_UCWPgy8aea4Wy6kCe5T"
  }
}