Skip to content
Cloudflare API
Start here
API Reference

API Gateway

API GatewayConfigurations

Retrieve information about specific configuration properties
client.apiGateway.configurations.get(ConfigurationGetParams { zone_id, normalize } params, RequestOptionsoptions?): Configuration { auth_id_characteristics }
GET/zones/{zone_id}/api_gateway/configuration
Update configuration properties
client.apiGateway.configurations.update(ConfigurationUpdateParams { zone_id, auth_id_characteristics, normalize } params, RequestOptionsoptions?): Configuration { auth_id_characteristics }
PUT/zones/{zone_id}/api_gateway/configuration
ModelsExpand Collapse
Configuration { auth_id_characteristics }
auth_id_characteristics: Array<APIShieldAuthIDCharacteristic { name, type } | APIShieldAuthIDCharacteristicJWTClaim { name, type } >
One of the following:
APIShieldAuthIDCharacteristic { name, type }

Auth ID Characteristic

name: string

The name of the characteristic field, i.e., the header or cookie name.

maxLength128
type: "header" | "cookie"

The type of characteristic.

One of the following:
"header"
"cookie"
APIShieldAuthIDCharacteristicJWTClaim { name, type }

Auth ID Characteristic extracted from JWT Token Claims

name: string

Claim location expressed as $(token_config_id):$(json_path), where token_config_id is the ID of the token configuration used in validating the JWT, and json_path is a RFC 9535 JSONPath (https://goessner.net/articles/JsonPath/, https://www.rfc-editor.org/rfc/rfc9535.html). The JSONPath expression may be in dot or bracket notation, may only specify literal keys or array indexes, and must return a singleton value, which will be interpreted as a string.

maxLength128
type: "jwt"

The type of characteristic.

API GatewayDiscovery

Retrieve discovered operations on a zone rendered as OpenAPI schemas
client.apiGateway.discovery.get(DiscoveryGetParams { zone_id } params, RequestOptionsoptions?): DiscoveryGetResponse { schemas, timestamp }
GET/zones/{zone_id}/api_gateway/discovery
ModelsExpand Collapse
DiscoveryOperation { id, endpoint, host, 5 more }
id: string

UUID.

maxLength36
minLength36
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
origin: Array<"ML" | "SessionIdentifier" | "LabelDiscovery">

API discovery engine(s) that discovered this operation

One of the following:
"ML"
"SessionIdentifier"
"LabelDiscovery"
state: "review" | "saved" | "ignored"

State of operation in API Discovery

  • review - Operation is not saved into API Shield Endpoint Management
  • saved - Operation is saved into API Shield Endpoint Management
  • ignored - Operation is marked as ignored
One of the following:
"review"
"saved"
"ignored"
features?: Features { traffic_stats }
traffic_stats?: TrafficStats { last_updated, period_seconds, requests }
last_updated: string
formatdate-time
period_seconds: number

The period in seconds these statistics were computed over

requests: number

The average number of requests seen during this period

formatfloat
DiscoveryGetResponse { schemas, timestamp }
schemas: Array<unknown>
timestamp: string
formatdate-time

API GatewayDiscoveryOperations

Retrieve discovered operations on a zone
client.apiGateway.discovery.operations.list(OperationListParams { zone_id, diff, direction, 8 more } params, RequestOptionsoptions?): V4PagePaginationArray<DiscoveryOperation { id, endpoint, host, 5 more } >
GET/zones/{zone_id}/api_gateway/discovery/operations
Patch discovered operation
client.apiGateway.discovery.operations.edit(stringoperationId, OperationEditParams { zone_id, state } params, RequestOptionsoptions?): OperationEditResponse { state }
PATCH/zones/{zone_id}/api_gateway/discovery/operations/{operation_id}
Patch discovered operations
client.apiGateway.discovery.operations.bulkEdit(OperationBulkEditParams { zone_id, body } params, RequestOptionsoptions?): OperationBulkEditResponse { state }
PATCH/zones/{zone_id}/api_gateway/discovery/operations
ModelsExpand Collapse
OperationEditResponse { state }
state?: "review" | "saved" | "ignored"

State of operation in API Discovery

  • review - Operation is not saved into API Shield Endpoint Management
  • saved - Operation is saved into API Shield Endpoint Management
  • ignored - Operation is marked as ignored
One of the following:
"review"
"saved"
"ignored"
OperationBulkEditResponse = Record<string, item>
state?: "review" | "ignored"

Mark state of operation in API Discovery

  • review - Mark operation as for review
  • ignored - Mark operation as ignored
One of the following:
"review"
"ignored"

API GatewayLabels

Retrieve all labels
client.apiGateway.labels.list(LabelListParams { zone_id, direction, filter, 5 more } params, RequestOptionsoptions?): V4PagePaginationArray<LabelListResponse { created_at, description, last_updated, 4 more } >
GET/zones/{zone_id}/api_gateway/labels
ModelsExpand Collapse
LabelListResponse { created_at, description, last_updated, 4 more }
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
mapped_resources?: unknown

Provides counts of what resources are linked to this label

API GatewayLabelsUser

Create user labels
client.apiGateway.labels.user.bulkCreate(UserBulkCreateParams { zone_id, body } params, RequestOptionsoptions?): SinglePage<UserBulkCreateResponse { created_at, description, last_updated, 3 more } >
POST/zones/{zone_id}/api_gateway/labels/user
Delete user labels
client.apiGateway.labels.user.bulkDelete(UserBulkDeleteParams { zone_id } params, RequestOptionsoptions?): SinglePage<UserBulkDeleteResponse { created_at, description, last_updated, 3 more } >
DELETE/zones/{zone_id}/api_gateway/labels/user
Retrieve user label
client.apiGateway.labels.user.get(stringname, UserGetParams { zone_id, with_mapped_resource_counts } params, RequestOptionsoptions?): UserGetResponse { created_at, description, last_updated, 4 more }
GET/zones/{zone_id}/api_gateway/labels/user/{name}
Update user label
client.apiGateway.labels.user.update(stringname, UserUpdateParams { zone_id, description, metadata } params, RequestOptionsoptions?): UserUpdateResponse { created_at, description, last_updated, 3 more }
PUT/zones/{zone_id}/api_gateway/labels/user/{name}
Patch user label
client.apiGateway.labels.user.edit(stringname, UserEditParams { zone_id, description, metadata } params, RequestOptionsoptions?): UserEditResponse { created_at, description, last_updated, 3 more }
PATCH/zones/{zone_id}/api_gateway/labels/user/{name}
Delete user label
client.apiGateway.labels.user.delete(stringname, UserDeleteParams { zone_id } params, RequestOptionsoptions?): UserDeleteResponse { created_at, description, last_updated, 3 more }
DELETE/zones/{zone_id}/api_gateway/labels/user/{name}
ModelsExpand Collapse
UserBulkCreateResponse { created_at, description, last_updated, 3 more }
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
UserBulkDeleteResponse { created_at, description, last_updated, 3 more }
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
UserGetResponse { created_at, description, last_updated, 4 more }
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
mapped_resources?: unknown

Provides counts of what resources are linked to this label

UserUpdateResponse { created_at, description, last_updated, 3 more }
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
UserEditResponse { created_at, description, last_updated, 3 more }
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
UserDeleteResponse { created_at, description, last_updated, 3 more }
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"

API GatewayLabelsUserResources

API GatewayLabelsUserResourcesOperation

Replace operation(s) attached to a user label
client.apiGateway.labels.user.resources.operation.update(stringname, OperationUpdateParams { zone_id, selector } params, RequestOptionsoptions?): OperationUpdateResponse { created_at, description, last_updated, 4 more }
PUT/zones/{zone_id}/api_gateway/labels/user/{name}/resources/operation
ModelsExpand Collapse
OperationUpdateResponse { created_at, description, last_updated, 4 more }
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
mapped_resources?: unknown

Provides counts of what resources are linked to this label

API GatewayLabelsManaged

Retrieve managed label
client.apiGateway.labels.managed.get(stringname, ManagedGetParams { zone_id, with_mapped_resource_counts } params, RequestOptionsoptions?): ManagedGetResponse { created_at, description, last_updated, 4 more }
GET/zones/{zone_id}/api_gateway/labels/managed/{name}
ModelsExpand Collapse
ManagedGetResponse { created_at, description, last_updated, 4 more }
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
mapped_resources?: unknown

Provides counts of what resources are linked to this label

API GatewayLabelsManagedResources

API GatewayLabelsManagedResourcesOperation

Replace operation(s) attached to a managed label
client.apiGateway.labels.managed.resources.operation.update(stringname, OperationUpdateParams { zone_id, selector } params, RequestOptionsoptions?): OperationUpdateResponse { created_at, description, last_updated, 4 more }
PUT/zones/{zone_id}/api_gateway/labels/managed/{name}/resources/operation
ModelsExpand Collapse
OperationUpdateResponse { created_at, description, last_updated, 4 more }
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
mapped_resources?: unknown

Provides counts of what resources are linked to this label

API GatewayOperations

Retrieve information about all operations on a zone
client.apiGateway.operations.list(OperationListParams { zone_id, direction, endpoint, 6 more } params, RequestOptionsoptions?): V4PagePaginationArray<OperationListResponse { endpoint, host, last_updated, 3 more } >
GET/zones/{zone_id}/api_gateway/operations
Retrieve information about an operation
client.apiGateway.operations.get(stringoperationId, OperationGetParams { zone_id, feature } params, RequestOptionsoptions?): OperationGetResponse { endpoint, host, last_updated, 3 more }
GET/zones/{zone_id}/api_gateway/operations/{operation_id}
Add one operation to a zone
client.apiGateway.operations.create(OperationCreateParams { zone_id, endpoint, host, method } params, RequestOptionsoptions?): OperationCreateResponse { endpoint, host, last_updated, 3 more }
POST/zones/{zone_id}/api_gateway/operations/item
Delete an operation
client.apiGateway.operations.delete(stringoperationId, OperationDeleteParams { zone_id } params, RequestOptionsoptions?): OperationDeleteResponse { errors, messages, success }
DELETE/zones/{zone_id}/api_gateway/operations/{operation_id}
Add operations to a zone
client.apiGateway.operations.bulkCreate(OperationBulkCreateParams { zone_id, body } params, RequestOptionsoptions?): SinglePage<OperationBulkCreateResponse { endpoint, host, last_updated, 3 more } >
POST/zones/{zone_id}/api_gateway/operations
Delete multiple operations
client.apiGateway.operations.bulkDelete(OperationBulkDeleteParams { zone_id } params, RequestOptionsoptions?): OperationBulkDeleteResponse { errors, messages, success }
DELETE/zones/{zone_id}/api_gateway/operations
ModelsExpand Collapse
APIShield { endpoint, host, last_updated, 2 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
OperationListResponse { endpoint, host, last_updated, 3 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
features?: APIShieldOperationFeatureThresholds { thresholds } | APIShieldOperationFeatureParameterSchemas { parameter_schemas } | APIShieldOperationFeatureAPIRouting { api_routing } | 2 more
One of the following:
APIShieldOperationFeatureThresholds { thresholds }
thresholds?: Thresholds { auth_id_tokens, data_points, last_updated, 6 more }
auth_id_tokens?: number

The total number of auth-ids seen across this calculation.

data_points?: number

The number of data points used for the threshold suggestion calculation.

last_updated?: string
formatdate-time
p50?: number

The p50 quantile of requests (in period_seconds).

p90?: number

The p90 quantile of requests (in period_seconds).

p99?: number

The p99 quantile of requests (in period_seconds).

period_seconds?: number

The period over which this threshold is suggested.

requests?: number

The estimated number of requests covered by these calculations.

suggested_threshold?: number

The suggested threshold in requests done by the same auth_id or period_seconds.

APIShieldOperationFeatureParameterSchemas { parameter_schemas }
parameter_schemas: ParameterSchemas { last_updated, parameter_schemas }
last_updated?: string
formatdate-time
parameter_schemas?: ParameterSchemas { parameters, responses }

An operation schema object containing a response.

parameters?: Array<unknown>

An array containing the learned parameter schemas.

responses?: unknown

An empty response object. This field is required to yield a valid operation schema.

APIShieldOperationFeatureAPIRouting { api_routing }
api_routing?: APIRouting { last_updated, route }

API Routing settings on endpoint.

last_updated?: string
formatdate-time
route?: string

Target route.

APIShieldOperationFeatureConfidenceIntervals { confidence_intervals }
confidence_intervals?: ConfidenceIntervals { last_updated, suggested_threshold }
last_updated?: string
formatdate-time
suggested_threshold?: SuggestedThreshold { confidence_intervals, mean }
confidence_intervals?: ConfidenceIntervals { p90, p95, p99 }
p90?: P90 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

p95?: P95 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

p99?: P99 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

mean?: number

Suggested threshold.

APIShieldOperationFeatureSchemaInfo { schema_info }
schema_info?: SchemaInfo { active_schema, learned_available, mitigation_action }
active_schema?: ActiveSchema { id, created_at, is_learned, name }

Schema active on endpoint.

id?: string

UUID.

maxLength36
minLength36
created_at?: string
formatdate-time
is_learned?: boolean

True if schema is Cloudflare-provided.

name?: string

Schema file name.

learned_available?: boolean

True if a Cloudflare-provided learned schema is available for this endpoint.

mitigation_action?: "none" | "log" | "block" | null

Action taken on requests failing validation.

One of the following:
"none"
"log"
"block"
OperationGetResponse { endpoint, host, last_updated, 3 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
features?: APIShieldOperationFeatureThresholds { thresholds } | APIShieldOperationFeatureParameterSchemas { parameter_schemas } | APIShieldOperationFeatureAPIRouting { api_routing } | 2 more
One of the following:
APIShieldOperationFeatureThresholds { thresholds }
thresholds?: Thresholds { auth_id_tokens, data_points, last_updated, 6 more }
auth_id_tokens?: number

The total number of auth-ids seen across this calculation.

data_points?: number

The number of data points used for the threshold suggestion calculation.

last_updated?: string
formatdate-time
p50?: number

The p50 quantile of requests (in period_seconds).

p90?: number

The p90 quantile of requests (in period_seconds).

p99?: number

The p99 quantile of requests (in period_seconds).

period_seconds?: number

The period over which this threshold is suggested.

requests?: number

The estimated number of requests covered by these calculations.

suggested_threshold?: number

The suggested threshold in requests done by the same auth_id or period_seconds.

APIShieldOperationFeatureParameterSchemas { parameter_schemas }
parameter_schemas: ParameterSchemas { last_updated, parameter_schemas }
last_updated?: string
formatdate-time
parameter_schemas?: ParameterSchemas { parameters, responses }

An operation schema object containing a response.

parameters?: Array<unknown>

An array containing the learned parameter schemas.

responses?: unknown

An empty response object. This field is required to yield a valid operation schema.

APIShieldOperationFeatureAPIRouting { api_routing }
api_routing?: APIRouting { last_updated, route }

API Routing settings on endpoint.

last_updated?: string
formatdate-time
route?: string

Target route.

APIShieldOperationFeatureConfidenceIntervals { confidence_intervals }
confidence_intervals?: ConfidenceIntervals { last_updated, suggested_threshold }
last_updated?: string
formatdate-time
suggested_threshold?: SuggestedThreshold { confidence_intervals, mean }
confidence_intervals?: ConfidenceIntervals { p90, p95, p99 }
p90?: P90 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

p95?: P95 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

p99?: P99 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

mean?: number

Suggested threshold.

APIShieldOperationFeatureSchemaInfo { schema_info }
schema_info?: SchemaInfo { active_schema, learned_available, mitigation_action }
active_schema?: ActiveSchema { id, created_at, is_learned, name }

Schema active on endpoint.

id?: string

UUID.

maxLength36
minLength36
created_at?: string
formatdate-time
is_learned?: boolean

True if schema is Cloudflare-provided.

name?: string

Schema file name.

learned_available?: boolean

True if a Cloudflare-provided learned schema is available for this endpoint.

mitigation_action?: "none" | "log" | "block" | null

Action taken on requests failing validation.

One of the following:
"none"
"log"
"block"
OperationCreateResponse { endpoint, host, last_updated, 3 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
features?: APIShieldOperationFeatureThresholds { thresholds } | APIShieldOperationFeatureParameterSchemas { parameter_schemas } | APIShieldOperationFeatureAPIRouting { api_routing } | 2 more
One of the following:
APIShieldOperationFeatureThresholds { thresholds }
thresholds?: Thresholds { auth_id_tokens, data_points, last_updated, 6 more }
auth_id_tokens?: number

The total number of auth-ids seen across this calculation.

data_points?: number

The number of data points used for the threshold suggestion calculation.

last_updated?: string
formatdate-time
p50?: number

The p50 quantile of requests (in period_seconds).

p90?: number

The p90 quantile of requests (in period_seconds).

p99?: number

The p99 quantile of requests (in period_seconds).

period_seconds?: number

The period over which this threshold is suggested.

requests?: number

The estimated number of requests covered by these calculations.

suggested_threshold?: number

The suggested threshold in requests done by the same auth_id or period_seconds.

APIShieldOperationFeatureParameterSchemas { parameter_schemas }
parameter_schemas: ParameterSchemas { last_updated, parameter_schemas }
last_updated?: string
formatdate-time
parameter_schemas?: ParameterSchemas { parameters, responses }

An operation schema object containing a response.

parameters?: Array<unknown>

An array containing the learned parameter schemas.

responses?: unknown

An empty response object. This field is required to yield a valid operation schema.

APIShieldOperationFeatureAPIRouting { api_routing }
api_routing?: APIRouting { last_updated, route }

API Routing settings on endpoint.

last_updated?: string
formatdate-time
route?: string

Target route.

APIShieldOperationFeatureConfidenceIntervals { confidence_intervals }
confidence_intervals?: ConfidenceIntervals { last_updated, suggested_threshold }
last_updated?: string
formatdate-time
suggested_threshold?: SuggestedThreshold { confidence_intervals, mean }
confidence_intervals?: ConfidenceIntervals { p90, p95, p99 }
p90?: P90 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

p95?: P95 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

p99?: P99 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

mean?: number

Suggested threshold.

APIShieldOperationFeatureSchemaInfo { schema_info }
schema_info?: SchemaInfo { active_schema, learned_available, mitigation_action }
active_schema?: ActiveSchema { id, created_at, is_learned, name }

Schema active on endpoint.

id?: string

UUID.

maxLength36
minLength36
created_at?: string
formatdate-time
is_learned?: boolean

True if schema is Cloudflare-provided.

name?: string

Schema file name.

learned_available?: boolean

True if a Cloudflare-provided learned schema is available for this endpoint.

mitigation_action?: "none" | "log" | "block" | null

Action taken on requests failing validation.

One of the following:
"none"
"log"
"block"
OperationDeleteResponse { errors, messages, success }
errors: Message { code, message, documentation_url, source }
messages: Message { code, message, documentation_url, source }
success: true

Whether the API call was successful.

OperationBulkCreateResponse { endpoint, host, last_updated, 3 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
features?: APIShieldOperationFeatureThresholds { thresholds } | APIShieldOperationFeatureParameterSchemas { parameter_schemas } | APIShieldOperationFeatureAPIRouting { api_routing } | 2 more
One of the following:
APIShieldOperationFeatureThresholds { thresholds }
thresholds?: Thresholds { auth_id_tokens, data_points, last_updated, 6 more }
auth_id_tokens?: number

The total number of auth-ids seen across this calculation.

data_points?: number

The number of data points used for the threshold suggestion calculation.

last_updated?: string
formatdate-time
p50?: number

The p50 quantile of requests (in period_seconds).

p90?: number

The p90 quantile of requests (in period_seconds).

p99?: number

The p99 quantile of requests (in period_seconds).

period_seconds?: number

The period over which this threshold is suggested.

requests?: number

The estimated number of requests covered by these calculations.

suggested_threshold?: number

The suggested threshold in requests done by the same auth_id or period_seconds.

APIShieldOperationFeatureParameterSchemas { parameter_schemas }
parameter_schemas: ParameterSchemas { last_updated, parameter_schemas }
last_updated?: string
formatdate-time
parameter_schemas?: ParameterSchemas { parameters, responses }

An operation schema object containing a response.

parameters?: Array<unknown>

An array containing the learned parameter schemas.

responses?: unknown

An empty response object. This field is required to yield a valid operation schema.

APIShieldOperationFeatureAPIRouting { api_routing }
api_routing?: APIRouting { last_updated, route }

API Routing settings on endpoint.

last_updated?: string
formatdate-time
route?: string

Target route.

APIShieldOperationFeatureConfidenceIntervals { confidence_intervals }
confidence_intervals?: ConfidenceIntervals { last_updated, suggested_threshold }
last_updated?: string
formatdate-time
suggested_threshold?: SuggestedThreshold { confidence_intervals, mean }
confidence_intervals?: ConfidenceIntervals { p90, p95, p99 }
p90?: P90 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

p95?: P95 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

p99?: P99 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

mean?: number

Suggested threshold.

APIShieldOperationFeatureSchemaInfo { schema_info }
schema_info?: SchemaInfo { active_schema, learned_available, mitigation_action }
active_schema?: ActiveSchema { id, created_at, is_learned, name }

Schema active on endpoint.

id?: string

UUID.

maxLength36
minLength36
created_at?: string
formatdate-time
is_learned?: boolean

True if schema is Cloudflare-provided.

name?: string

Schema file name.

learned_available?: boolean

True if a Cloudflare-provided learned schema is available for this endpoint.

mitigation_action?: "none" | "log" | "block" | null

Action taken on requests failing validation.

One of the following:
"none"
"log"
"block"
OperationBulkDeleteResponse { errors, messages, success }
errors: Message { code, message, documentation_url, source }
messages: Message { code, message, documentation_url, source }
success: true

Whether the API call was successful.

API GatewayOperationsLabels

Replace label(s) on an operation in endpoint management
client.apiGateway.operations.labels.update(stringoperationId, LabelUpdateParams { zone_id, managed, user } params, RequestOptionsoptions?): LabelUpdateResponse { endpoint, host, last_updated, 3 more }
PUT/zones/{zone_id}/api_gateway/operations/{operation_id}/labels
Attach label(s) on an operation in endpoint management
client.apiGateway.operations.labels.create(stringoperationId, LabelCreateParams { zone_id, managed, user } params, RequestOptionsoptions?): LabelCreateResponse { endpoint, host, last_updated, 3 more }
POST/zones/{zone_id}/api_gateway/operations/{operation_id}/labels
Remove label(s) on an operation in endpoint management
client.apiGateway.operations.labels.delete(stringoperationId, LabelDeleteParams { zone_id } params, RequestOptionsoptions?): LabelDeleteResponse { endpoint, host, last_updated, 3 more }
DELETE/zones/{zone_id}/api_gateway/operations/{operation_id}/labels
Bulk replace label(s) on operation(s) in endpoint management
client.apiGateway.operations.labels.bulkUpdate(LabelBulkUpdateParams { zone_id, managed, selector, user } params, RequestOptionsoptions?): SinglePage<LabelBulkUpdateResponse { endpoint, host, last_updated, 3 more } >
PUT/zones/{zone_id}/api_gateway/operations/labels
Bulk attach label(s) on operation(s) in endpoint management
client.apiGateway.operations.labels.bulkCreate(LabelBulkCreateParams { zone_id, selector, managed, user } params, RequestOptionsoptions?): SinglePage<LabelBulkCreateResponse { endpoint, host, last_updated, 3 more } >
POST/zones/{zone_id}/api_gateway/operations/labels
Bulk remove label(s) on operation(s) in endpoint management
client.apiGateway.operations.labels.bulkDelete(LabelBulkDeleteParams { zone_id } params, RequestOptionsoptions?): SinglePage<LabelBulkDeleteResponse { endpoint, host, last_updated, 3 more } >
DELETE/zones/{zone_id}/api_gateway/operations/labels
ModelsExpand Collapse
LabelUpdateResponse { endpoint, host, last_updated, 3 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
labels?: Array<Label>
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
LabelCreateResponse { endpoint, host, last_updated, 3 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
labels?: Array<Label>
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
LabelDeleteResponse { endpoint, host, last_updated, 3 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
labels?: Array<Label>
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
LabelBulkUpdateResponse { endpoint, host, last_updated, 3 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
labels?: Array<Label>
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
LabelBulkCreateResponse { endpoint, host, last_updated, 3 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
labels?: Array<Label>
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"
LabelBulkDeleteResponse { endpoint, host, last_updated, 3 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
labels?: Array<Label>
created_at: string
formatdate-time
description: string

The description of the label

last_updated: string
formatdate-time
metadata: unknown

Metadata for the label

name: string

The name of the label

source: "user" | "managed"
  • user - label is owned by the user
  • managed - label is owned by cloudflare
One of the following:
"user"
"managed"

API GatewayOperationsSchema Validation

Retrieve operation-level schema validation settings
Deprecated
client.apiGateway.operations.schemaValidation.get(stringoperationId, SchemaValidationGetParams { zone_id } params, RequestOptionsoptions?): SchemaValidationGetResponse { mitigation_action, operation_id }
GET/zones/{zone_id}/api_gateway/operations/{operation_id}/schema_validation
Update operation-level schema validation settings
Deprecated
client.apiGateway.operations.schemaValidation.update(stringoperationId, SchemaValidationUpdateParams { zone_id, mitigation_action } params, RequestOptionsoptions?): SchemaValidationUpdateResponse { mitigation_action, operation_id }
PUT/zones/{zone_id}/api_gateway/operations/{operation_id}/schema_validation
Update multiple operation-level schema validation settings
Deprecated
client.apiGateway.operations.schemaValidation.edit(SchemaValidationEditParams { zone_id, settings_multiple_request } params, RequestOptionsoptions?): SettingsMultipleRequest { mitigation_action }
PATCH/zones/{zone_id}/api_gateway/operations/schema_validation
ModelsExpand Collapse
SettingsMultipleRequest = Record<string, item>
mitigation_action?: "log" | "block" | "none" | null

When set, this applies a mitigation action to this operation

  • log log request when request does not conform to schema for this operation
  • block deny access to the site when request does not conform to schema for this operation
  • none will skip mitigation for this operation
  • null indicates that no operation level mitigation is in place, see Zone Level Schema Validation Settings for mitigation action that will be applied
One of the following:
"log"
"block"
"none"
SchemaValidationGetResponse { mitigation_action, operation_id }
mitigation_action?: "log" | "block" | "none" | null

When set, this applies a mitigation action to this operation

  • log log request when request does not conform to schema for this operation
  • block deny access to the site when request does not conform to schema for this operation
  • none will skip mitigation for this operation
  • null indicates that no operation level mitigation is in place, see Zone Level Schema Validation Settings for mitigation action that will be applied
One of the following:
"log"
"block"
"none"
operation_id?: string

UUID.

maxLength36
minLength36
SchemaValidationUpdateResponse { mitigation_action, operation_id }
mitigation_action?: "log" | "block" | "none" | null

When set, this applies a mitigation action to this operation

  • log log request when request does not conform to schema for this operation
  • block deny access to the site when request does not conform to schema for this operation
  • none will skip mitigation for this operation
  • null indicates that no operation level mitigation is in place, see Zone Level Schema Validation Settings for mitigation action that will be applied
One of the following:
"log"
"block"
"none"
operation_id?: string

UUID.

maxLength36
minLength36

API GatewaySchemas

Retrieve operations and features as OpenAPI schemas
client.apiGateway.schemas.list(SchemaListParams { zone_id, feature, host } params, RequestOptionsoptions?): SchemaListResponse { schemas, timestamp }
GET/zones/{zone_id}/api_gateway/schemas
ModelsExpand Collapse
SchemaListResponse { schemas, timestamp }
schemas?: Array<unknown>
timestamp?: string

API GatewaySettings

ModelsExpand Collapse
Settings { validation_default_mitigation_action, validation_override_mitigation_action }
validation_default_mitigation_action?: "none" | "log" | "block"

The default mitigation action used when there is no mitigation action defined on the operation

Mitigation actions are as follows:

  • log - log request when request does not conform to schema
  • block - deny access to the site when request does not conform to schema

A special value of of none will skip running schema validation entirely for the request when there is no mitigation action defined on the operation

One of the following:
"none"
"log"
"block"
validation_override_mitigation_action?: "none" | null

When set, this overrides both zone level and operation level mitigation actions.

  • none will skip running schema validation entirely for the request
  • null indicates that no override is in place

API GatewaySettingsSchema Validation

Retrieve zone level schema validation settings
Deprecated
client.apiGateway.settings.schemaValidation.get(SchemaValidationGetParams { zone_id } params, RequestOptionsoptions?): Settings { validation_default_mitigation_action, validation_override_mitigation_action }
GET/zones/{zone_id}/api_gateway/settings/schema_validation
Update zone level schema validation settings
Deprecated
client.apiGateway.settings.schemaValidation.update(SchemaValidationUpdateParams { zone_id, validation_default_mitigation_action, validation_override_mitigation_action } params, RequestOptionsoptions?): Settings { validation_default_mitigation_action, validation_override_mitigation_action }
PUT/zones/{zone_id}/api_gateway/settings/schema_validation
Update zone level schema validation settings
Deprecated
client.apiGateway.settings.schemaValidation.edit(SchemaValidationEditParams { zone_id, validation_default_mitigation_action, validation_override_mitigation_action } params, RequestOptionsoptions?): Settings { validation_default_mitigation_action, validation_override_mitigation_action }
PATCH/zones/{zone_id}/api_gateway/settings/schema_validation

API GatewayUser Schemas

Retrieve information about all schemas on a zone
Deprecated
client.apiGateway.userSchemas.list(UserSchemaListParams { zone_id, omit_source, page, 2 more } params, RequestOptionsoptions?): V4PagePaginationArray<OldPublicSchema { created_at, kind, name, 3 more } >
GET/zones/{zone_id}/api_gateway/user_schemas
Retrieve information about a specific schema on a zone
Deprecated
client.apiGateway.userSchemas.get(stringschemaId, UserSchemaGetParams { zone_id, omit_source } params, RequestOptionsoptions?): OldPublicSchema { created_at, kind, name, 3 more }
GET/zones/{zone_id}/api_gateway/user_schemas/{schema_id}
Upload a schema to a zone
Deprecated
client.apiGateway.userSchemas.create(UserSchemaCreateParams { zone_id, file, kind, 2 more } params, RequestOptionsoptions?): UserSchemaCreateResponse { schema, upload_details }
POST/zones/{zone_id}/api_gateway/user_schemas
Enable validation for a schema
Deprecated
client.apiGateway.userSchemas.edit(stringschemaId, UserSchemaEditParams { zone_id, validation_enabled } params, RequestOptionsoptions?): OldPublicSchema { created_at, kind, name, 3 more }
PATCH/zones/{zone_id}/api_gateway/user_schemas/{schema_id}
Delete a schema
Deprecated
client.apiGateway.userSchemas.delete(stringschemaId, UserSchemaDeleteParams { zone_id } params, RequestOptionsoptions?): UserSchemaDeleteResponse { errors, messages, success }
DELETE/zones/{zone_id}/api_gateway/user_schemas/{schema_id}
ModelsExpand Collapse
Message = Array<MessageItem>
code: number
minimum1000
message: string
documentation_url?: string
source?: Source { pointer }
pointer?: string
OldPublicSchema { created_at, kind, name, 3 more }
created_at: string
formatdate-time
kind: "openapi_v3"

Kind of schema

name: string

Name of the schema

schema_id: string

UUID.

maxLength36
minLength36
source?: string

Source of the schema

validation_enabled?: boolean

Flag whether schema is enabled for validation.

UserSchemaCreateResponse { schema, upload_details }
schema: OldPublicSchema { created_at, kind, name, 3 more }
upload_details?: UploadDetails { warnings }
warnings?: Array<Warning>

Diagnostic warning events that occurred during processing. These events are non-critical errors found within the schema.

code: number

Code that identifies the event that occurred.

locations?: Array<string>

JSONPath location(s) in the schema where these events were encountered. See https://goessner.net/articles/JsonPath/ for JSONPath specification.

message?: string

Diagnostic message that describes the event.

UserSchemaDeleteResponse { errors, messages, success }
errors: Message { code, message, documentation_url, source }
messages: Message { code, message, documentation_url, source }
success: true

Whether the API call was successful.

API GatewayUser SchemasOperations

Retrieve all operations from a schema.
Deprecated
client.apiGateway.userSchemas.operations.list(stringschemaId, OperationListParams { zone_id, endpoint, feature, 5 more } params, RequestOptionsoptions?): V4PagePaginationArray<OperationListResponse>
GET/zones/{zone_id}/api_gateway/user_schemas/{schema_id}/operations
ModelsExpand Collapse
OperationListResponse = APIShieldOperation { endpoint, host, last_updated, 3 more } | APIShieldBasicOperation { endpoint, host, method }
One of the following:
APIShieldOperation { endpoint, host, last_updated, 3 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
features?: APIShieldOperationFeatureThresholds { thresholds } | APIShieldOperationFeatureParameterSchemas { parameter_schemas } | APIShieldOperationFeatureAPIRouting { api_routing } | 2 more
One of the following:
APIShieldOperationFeatureThresholds { thresholds }
thresholds?: Thresholds { auth_id_tokens, data_points, last_updated, 6 more }
auth_id_tokens?: number

The total number of auth-ids seen across this calculation.

data_points?: number

The number of data points used for the threshold suggestion calculation.

last_updated?: string
formatdate-time
p50?: number

The p50 quantile of requests (in period_seconds).

p90?: number

The p90 quantile of requests (in period_seconds).

p99?: number

The p99 quantile of requests (in period_seconds).

period_seconds?: number

The period over which this threshold is suggested.

requests?: number

The estimated number of requests covered by these calculations.

suggested_threshold?: number

The suggested threshold in requests done by the same auth_id or period_seconds.

APIShieldOperationFeatureParameterSchemas { parameter_schemas }
parameter_schemas: ParameterSchemas { last_updated, parameter_schemas }
last_updated?: string
formatdate-time
parameter_schemas?: ParameterSchemas { parameters, responses }

An operation schema object containing a response.

parameters?: Array<unknown>

An array containing the learned parameter schemas.

responses?: unknown

An empty response object. This field is required to yield a valid operation schema.

APIShieldOperationFeatureAPIRouting { api_routing }
api_routing?: APIRouting { last_updated, route }

API Routing settings on endpoint.

last_updated?: string
formatdate-time
route?: string

Target route.

APIShieldOperationFeatureConfidenceIntervals { confidence_intervals }
confidence_intervals?: ConfidenceIntervals { last_updated, suggested_threshold }
last_updated?: string
formatdate-time
suggested_threshold?: SuggestedThreshold { confidence_intervals, mean }
confidence_intervals?: ConfidenceIntervals { p90, p95, p99 }
p90?: P90 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

p95?: P95 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

p99?: P99 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

mean?: number

Suggested threshold.

APIShieldOperationFeatureSchemaInfo { schema_info }
schema_info?: SchemaInfo { active_schema, learned_available, mitigation_action }
active_schema?: ActiveSchema { id, created_at, is_learned, name }

Schema active on endpoint.

id?: string

UUID.

maxLength36
minLength36
created_at?: string
formatdate-time
is_learned?: boolean

True if schema is Cloudflare-provided.

name?: string

Schema file name.

learned_available?: boolean

True if a Cloudflare-provided learned schema is available for this endpoint.

mitigation_action?: "none" | "log" | "block" | null

Action taken on requests failing validation.

One of the following:
"none"
"log"
"block"
APIShieldBasicOperation { endpoint, host, method }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"

API GatewayUser SchemasHosts

Retrieve schema hosts in a zone
Deprecated
client.apiGateway.userSchemas.hosts.list(HostListParams { zone_id, page, per_page } params, RequestOptionsoptions?): V4PagePaginationArray<HostListResponse { created_at, hosts, name, schema_id } >
GET/zones/{zone_id}/api_gateway/user_schemas/hosts
ModelsExpand Collapse
HostListResponse { created_at, hosts, name, schema_id }
created_at: string
formatdate-time
hosts: Array<string>

Hosts serving the schema, e.g zone.host.com

name: string

Name of the schema

schema_id: string

UUID.

maxLength36
minLength36

API GatewayExpression Template

API GatewayExpression TemplateFallthrough

Generate fallthrough WAF expression template from a set of API hosts
client.apiGateway.expressionTemplate.fallthrough.create(FallthroughCreateParams { zone_id, hosts } params, RequestOptionsoptions?): FallthroughCreateResponse { expression, title }
POST/zones/{zone_id}/api_gateway/expression-template/fallthrough
ModelsExpand Collapse
FallthroughCreateResponse { expression, title }
expression: string

WAF Expression for fallthrough

title: string

Title for the expression