Skip to content
Cloudflare API
Start here
API Reference
API Gateway
Operations

Add one operation to a zone

client.apiGateway.operations.create(OperationCreateParams { zone_id, endpoint, host, method } params, RequestOptionsoptions?): OperationCreateResponse { endpoint, host, last_updated, 3 more }
POST/zones/{zone_id}/api_gateway/operations/item

Add one operation to a zone. Endpoints can contain path variables. Host, method, endpoint will be normalized to a canoncial form when creating an operation and must be unique on the zone. Inserting an operation that matches an existing one will return the record of the already existing operation and update its last_updated date.

Security
API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194
Accepted Permissions (at least one required)
Account API GatewayDomain API Gateway
ParametersExpand Collapse
params: OperationCreateParams { zone_id, endpoint, host, method }
zone_id: string

Path param: Identifier.

maxLength32
endpoint: string

Body param: The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

Body param: RFC3986-compliant host.

formathostname
maxLength255
method: "GET" | "POST" | "HEAD" | 6 more

Body param: The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
ReturnsExpand Collapse
OperationCreateResponse { endpoint, host, last_updated, 3 more }
endpoint: string

The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.

formaturi-template
maxLength4096
host: string

RFC3986-compliant host.

formathostname
maxLength255
last_updated: string
formatdate-time
method: "GET" | "POST" | "HEAD" | 6 more

The HTTP method used to access the endpoint.

One of the following:
"GET"
"POST"
"HEAD"
"OPTIONS"
"PUT"
"DELETE"
"CONNECT"
"PATCH"
"TRACE"
operation_id: string

UUID.

maxLength36
minLength36
features?: APIShieldOperationFeatureThresholds { thresholds } | APIShieldOperationFeatureParameterSchemas { parameter_schemas } | APIShieldOperationFeatureAPIRouting { api_routing } | 2 more
One of the following:
APIShieldOperationFeatureThresholds { thresholds }
thresholds?: Thresholds { auth_id_tokens, data_points, last_updated, 6 more }
auth_id_tokens?: number

The total number of auth-ids seen across this calculation.

data_points?: number

The number of data points used for the threshold suggestion calculation.

last_updated?: string
formatdate-time
p50?: number

The p50 quantile of requests (in period_seconds).

p90?: number

The p90 quantile of requests (in period_seconds).

p99?: number

The p99 quantile of requests (in period_seconds).

period_seconds?: number

The period over which this threshold is suggested.

requests?: number

The estimated number of requests covered by these calculations.

suggested_threshold?: number

The suggested threshold in requests done by the same auth_id or period_seconds.

APIShieldOperationFeatureParameterSchemas { parameter_schemas }
parameter_schemas: ParameterSchemas { last_updated, parameter_schemas }
last_updated?: string
formatdate-time
parameter_schemas?: ParameterSchemas { parameters, responses }

An operation schema object containing a response.

parameters?: Array<unknown>

An array containing the learned parameter schemas.

responses?: unknown

An empty response object. This field is required to yield a valid operation schema.

APIShieldOperationFeatureAPIRouting { api_routing }
api_routing?: APIRouting { last_updated, route }

API Routing settings on endpoint.

last_updated?: string
formatdate-time
route?: string

Target route.

APIShieldOperationFeatureConfidenceIntervals { confidence_intervals }
confidence_intervals?: ConfidenceIntervals { last_updated, suggested_threshold }
last_updated?: string
formatdate-time
suggested_threshold?: SuggestedThreshold { confidence_intervals, mean }
confidence_intervals?: ConfidenceIntervals { p90, p95, p99 }
p90?: P90 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

p95?: P95 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

p99?: P99 { lower, upper }

Upper and lower bound for percentile estimate

lower?: number

Lower bound for percentile estimate

upper?: number

Upper bound for percentile estimate

mean?: number

Suggested threshold.

APIShieldOperationFeatureSchemaInfo { schema_info }
schema_info?: SchemaInfo { active_schema, learned_available, mitigation_action }
active_schema?: ActiveSchema { id, created_at, is_learned, name }

Schema active on endpoint.

id?: string

UUID.

maxLength36
minLength36
created_at?: string
formatdate-time
is_learned?: boolean

True if schema is Cloudflare-provided.

name?: string

Schema file name.

learned_available?: boolean

True if a Cloudflare-provided learned schema is available for this endpoint.

mitigation_action?: "none" | "log" | "block" | null

Action taken on requests failing validation.

One of the following:
"none"
"log"
"block"

Add one operation to a zone

import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const operation = await client.apiGateway.operations.create({
  zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
  endpoint: '/api/v1/users/{var1}',
  host: 'www.example.com',
  method: 'GET',
});

console.log(operation.operation_id);
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "endpoint": "/api/v1/users/{var1}",
    "host": "www.example.com",
    "last_updated": "2014-01-01T05:20:00.12345Z",
    "method": "GET",
    "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "features": {
      "thresholds": {
        "auth_id_tokens": 0,
        "data_points": 0,
        "last_updated": "2014-01-01T05:20:00.12345Z",
        "p50": 0,
        "p90": 0,
        "p99": 0,
        "period_seconds": 0,
        "requests": 0,
        "suggested_threshold": 0
      }
    }
  },
  "success": true
}
Returns Examples
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "endpoint": "/api/v1/users/{var1}",
    "host": "www.example.com",
    "last_updated": "2014-01-01T05:20:00.12345Z",
    "method": "GET",
    "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    "features": {
      "thresholds": {
        "auth_id_tokens": 0,
        "data_points": 0,
        "last_updated": "2014-01-01T05:20:00.12345Z",
        "p50": 0,
        "p90": 0,
        "p99": 0,
        "period_seconds": 0,
        "requests": 0,
        "suggested_threshold": 0
      }
    }
  },
  "success": true
}