API Reference

Zero Trust

Access

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Certificates

List mTLS certificates

client.zeroTrust.access.certificates.list(CertificateListParams { account_id, zone_id, page, per_page } params?, RequestOptionsoptions?): V4PagePaginationArray<Certificate { id, associated_hostnames, expires_on, 2 more } >

GET/{accounts_or_zones}/{account_or_zone_id}/access/certificates

Get an mTLS certificate

client.zeroTrust.access.certificates.get(stringcertificateId, CertificateGetParams { account_id, zone_id } params?, RequestOptionsoptions?): Certificate { id, associated_hostnames, expires_on, 2 more }

GET/{accounts_or_zones}/{account_or_zone_id}/access/certificates/{certificate_id}

Add an mTLS certificate

client.zeroTrust.access.certificates.create(CertificateCreateParams { certificate, name, account_id, 2 more } params, RequestOptionsoptions?): Certificate { id, associated_hostnames, expires_on, 2 more }

POST/{accounts_or_zones}/{account_or_zone_id}/access/certificates

Update an mTLS certificate

client.zeroTrust.access.certificates.update(stringcertificateId, CertificateUpdateParams { associated_hostnames, account_id, zone_id, name } params, RequestOptionsoptions?): Certificate { id, associated_hostnames, expires_on, 2 more }

PUT/{accounts_or_zones}/{account_or_zone_id}/access/certificates/{certificate_id}

Delete an mTLS certificate

client.zeroTrust.access.certificates.delete(stringcertificateId, CertificateDeleteParams { account_id, zone_id } params?, RequestOptionsoptions?): CertificateDeleteResponse { id }

DELETE/{accounts_or_zones}/{account_or_zone_id}/access/certificates/{certificate_id}

ModelsExpand Collapse

AssociatedHostnames = string

A fully-qualified domain name (FQDN).

Certificate { id, associated_hostnames, expires_on, 2 more }

id?: string

The ID of the application that will use this certificate.

associated_hostnames?: Array<AssociatedHostnames>

The hostnames of the applications that will use this certificate.

expires_on?: string

formatdate-time

fingerprint?: string

The MD5 fingerprint of the certificate.

name?: string

The name of the certificate.

CertificateDeleteResponse { id }

id?: string

UUID.

maxLength36

CertificatesSettings

List all mTLS hostname settings

client.zeroTrust.access.certificates.settings.get(SettingGetParams { account_id, zone_id } params?, RequestOptionsoptions?): SinglePage<CertificateSettings { china_network, client_certificate_forwarding, hostname } >

GET/{accounts_or_zones}/{account_or_zone_id}/access/certificates/settings

Update an mTLS certificate's hostname settings

client.zeroTrust.access.certificates.settings.update(SettingUpdateParams { settings, account_id, zone_id } params, RequestOptionsoptions?): SinglePage<CertificateSettings { china_network, client_certificate_forwarding, hostname } >

PUT/{accounts_or_zones}/{account_or_zone_id}/access/certificates/settings

ModelsExpand Collapse

CertificateSettings { china_network, client_certificate_forwarding, hostname }

china_network: boolean

Request client certificates for this hostname in China. Can only be set to true if this zone is china network enabled.

client_certificate_forwarding: boolean

Client Certificate Forwarding is a feature that takes the client cert provided by the eyeball to the edge, and forwards it to the origin as a HTTP header to allow logging on the origin.

hostname: string

The hostname that these settings apply to.