Skip to content
Cloudflare API
Start here
API Reference
Zero Trust
Access

Service Tokens

List service tokens
client.zeroTrust.access.serviceTokens.list(ServiceTokenListParams { account_id, zone_id, name, 3 more } params?, RequestOptionsoptions?): V4PagePaginationArray<ServiceToken { id, client_id, duration, 2 more } >
GET/{accounts_or_zones}/{account_or_zone_id}/access/service_tokens
Get a service token
client.zeroTrust.access.serviceTokens.get(stringserviceTokenId, ServiceTokenGetParams { account_id, zone_id } params?, RequestOptionsoptions?): ServiceToken { id, client_id, duration, 2 more }
GET/{accounts_or_zones}/{account_or_zone_id}/access/service_tokens/{service_token_id}
Create a service token
client.zeroTrust.access.serviceTokens.create(ServiceTokenCreateParams { name, account_id, zone_id, 3 more } params, RequestOptionsoptions?): ServiceTokenCreateResponse { id, client_id, client_secret, 2 more }
POST/{accounts_or_zones}/{account_or_zone_id}/access/service_tokens
Update a service token
client.zeroTrust.access.serviceTokens.update(stringserviceTokenId, ServiceTokenUpdateParams { account_id, zone_id, client_secret_version, 3 more } params, RequestOptionsoptions?): ServiceToken { id, client_id, duration, 2 more }
PUT/{accounts_or_zones}/{account_or_zone_id}/access/service_tokens/{service_token_id}
Delete a service token
client.zeroTrust.access.serviceTokens.delete(stringserviceTokenId, ServiceTokenDeleteParams { account_id, zone_id } params?, RequestOptionsoptions?): ServiceToken { id, client_id, duration, 2 more }
DELETE/{accounts_or_zones}/{account_or_zone_id}/access/service_tokens/{service_token_id}
Refresh a service token
client.zeroTrust.access.serviceTokens.refresh(stringserviceTokenId, ServiceTokenRefreshParams { account_id } params, RequestOptionsoptions?): ServiceToken { id, client_id, duration, 2 more }
POST/accounts/{account_id}/access/service_tokens/{service_token_id}/refresh
Rotate a service token
client.zeroTrust.access.serviceTokens.rotate(stringserviceTokenId, ServiceTokenRotateParams { account_id, previous_client_secret_expires_at } params, RequestOptionsoptions?): ServiceTokenRotateResponse { id, client_id, client_secret, 2 more }
POST/accounts/{account_id}/access/service_tokens/{service_token_id}/rotate
ModelsExpand Collapse
ServiceToken { id, client_id, duration, 2 more }
id?: string

The ID of the service token.

maxLength36
client_id?: string

The Client ID for the service token. Access will check for this value in the CF-Access-Client-ID request header.

duration?: string

The duration for how long the service token will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h. The default is 1 year in hours (8760h).

expires_at?: string
formatdate-time
name?: string

The name of the service token.

ServiceTokenCreateResponse { id, client_id, client_secret, 2 more }
id?: string

The ID of the service token.

client_id?: string

The Client ID for the service token. Access will check for this value in the CF-Access-Client-ID request header.

client_secret?: string

The Client Secret for the service token. Access will check for this value in the CF-Access-Client-Secret request header.

duration?: string

The duration for how long the service token will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h. The default is 1 year in hours (8760h).

name?: string

The name of the service token.

ServiceTokenRotateResponse { id, client_id, client_secret, 2 more }
id?: string

The ID of the service token.

client_id?: string

The Client ID for the service token. Access will check for this value in the CF-Access-Client-ID request header.

client_secret?: string

The Client Secret for the service token. Access will check for this value in the CF-Access-Client-Secret request header.

duration?: string

The duration for how long the service token will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h. The default is 1 year in hours (8760h).

name?: string

The name of the service token.