# Csam Scanner ## Get CSAM Scanner setting `client.csamScanner.get(CsamScannerGetParamsparams, RequestOptionsoptions?): CsamScannerGetResponse` **get** `/zones/{zone_id}/settings/csam_scanner_third_party` Retrieve the current CSAM Scanner configuration for a zone. The notification email is masked by default in responses. ### Parameters - `params: CsamScannerGetParams` - `zone_id: string` Identifier for the zone. ### Returns - `CsamScannerGetResponse` CSAM Scanner configuration for a zone. - `id?: "csam_scanner"` The feature identifier. - `"csam_scanner"` - `editable?: boolean` Whether the feature state can be changed. When false, the zone or account may be locked by Trust & Safety. - `modified_on?: string | null` When the setting was last modified. Currently always null as the server does not populate this field. - `value?: Value` The CSAM Scanner feature configuration values. Contains the notification email and scanning enablement settings. - `email?: string` Notification email address for CSAM scan results. Masked in responses unless explicitly unmasked via admin endpoint. - `email_state?: "valid" | "pending" | "unverified"` Current verification state of the notification email. - `"valid"` - `"pending"` - `"unverified"` - `enabled?: boolean` Whether CSAM scanning is enabled for this zone. - `sources?: Record` Map of scanning sources and their enabled state. - `zone_plan?: string` The zone's plan level. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const csamScanner = await client.csamScanner.get({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' }); console.log(csamScanner.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "csam_scanner", "editable": true, "modified_on": "2019-12-27T18:11:19.117Z", "value": { "email": "**********", "email_state": "valid", "enabled": true, "sources": { "source1": true }, "zone_plan": "ent" } } } ``` ## Update CSAM Scanner setting `client.csamScanner.edit(CsamScannerEditParamsparams, RequestOptionsoptions?): CsamScannerEditResponse` **patch** `/zones/{zone_id}/settings/csam_scanner_third_party` Update the CSAM Scanner configuration for a zone. Allows enabling or disabling CSAM scanning, updating the notification email, and configuring scanning sources. When a new email is provided, email verification is triggered automatically. The `enabled` field is a toggle; the server may adjust it based on whether the notification email is verified. Returns 403 if the zone or account is locked by Trust & Safety. ### Parameters - `params: CsamScannerEditParams` - `zone_id: string` Path param: Identifier for the zone. - `id?: "csam_scanner"` Body param: The feature identifier. - `"csam_scanner"` - `value?: Value` Body param: Writable CSAM Scanner feature configuration values. - `email?: string` Notification email address for CSAM scan results. When changed, email verification is triggered automatically. - `enabled?: boolean` Whether CSAM scanning is enabled for this zone. - `resend_email?: boolean` Set to true to trigger re-sending the email verification. Write-only; never appears in responses (omitted when false). - `sources?: Record` Map of scanning sources and their enabled state. ### Returns - `CsamScannerEditResponse` CSAM Scanner configuration for a zone. - `id?: "csam_scanner"` The feature identifier. - `"csam_scanner"` - `editable?: boolean` Whether the feature state can be changed. When false, the zone or account may be locked by Trust & Safety. - `modified_on?: string | null` When the setting was last modified. Currently always null as the server does not populate this field. - `value?: Value` The CSAM Scanner feature configuration values. Contains the notification email and scanning enablement settings. - `email?: string` Notification email address for CSAM scan results. Masked in responses unless explicitly unmasked via admin endpoint. - `email_state?: "valid" | "pending" | "unverified"` Current verification state of the notification email. - `"valid"` - `"pending"` - `"unverified"` - `enabled?: boolean` Whether CSAM scanning is enabled for this zone. - `sources?: Record` Map of scanning sources and their enabled state. - `zone_plan?: string` The zone's plan level. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const response = await client.csamScanner.edit({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' }); console.log(response.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "csam_scanner", "editable": true, "modified_on": "2019-12-27T18:11:19.117Z", "value": { "email": "**********", "email_state": "valid", "enabled": true, "sources": { "source1": true }, "zone_plan": "ent" } } } ``` ## Domain Types ### Csam Scanner Get Response - `CsamScannerGetResponse` CSAM Scanner configuration for a zone. - `id?: "csam_scanner"` The feature identifier. - `"csam_scanner"` - `editable?: boolean` Whether the feature state can be changed. When false, the zone or account may be locked by Trust & Safety. - `modified_on?: string | null` When the setting was last modified. Currently always null as the server does not populate this field. - `value?: Value` The CSAM Scanner feature configuration values. Contains the notification email and scanning enablement settings. - `email?: string` Notification email address for CSAM scan results. Masked in responses unless explicitly unmasked via admin endpoint. - `email_state?: "valid" | "pending" | "unverified"` Current verification state of the notification email. - `"valid"` - `"pending"` - `"unverified"` - `enabled?: boolean` Whether CSAM scanning is enabled for this zone. - `sources?: Record` Map of scanning sources and their enabled state. - `zone_plan?: string` The zone's plan level. ### Csam Scanner Edit Response - `CsamScannerEditResponse` CSAM Scanner configuration for a zone. - `id?: "csam_scanner"` The feature identifier. - `"csam_scanner"` - `editable?: boolean` Whether the feature state can be changed. When false, the zone or account may be locked by Trust & Safety. - `modified_on?: string | null` When the setting was last modified. Currently always null as the server does not populate this field. - `value?: Value` The CSAM Scanner feature configuration values. Contains the notification email and scanning enablement settings. - `email?: string` Notification email address for CSAM scan results. Masked in responses unless explicitly unmasked via admin endpoint. - `email_state?: "valid" | "pending" | "unverified"` Current verification state of the notification email. - `"valid"` - `"pending"` - `"unverified"` - `enabled?: boolean` Whether CSAM scanning is enabled for this zone. - `sources?: Record` Map of scanning sources and their enabled state. - `zone_plan?: string` The zone's plan level.