Skip to content
Cloudflare API
Start here
API Reference
Zero Trust
Devices

Settings

Get device settings for a Zero Trust account
client.zeroTrust.devices.settings.get(SettingGetParams { account_id } params, RequestOptionsoptions?): DeviceSettings { disable_for_time, external_emergency_signal_enabled, external_emergency_signal_fingerprint, 6 more } | null
GET/accounts/{account_id}/devices/settings
Update device settings for a Zero Trust account
client.zeroTrust.devices.settings.update(SettingUpdateParams { account_id, disable_for_time, external_emergency_signal_enabled, 7 more } params, RequestOptionsoptions?): DeviceSettings { disable_for_time, external_emergency_signal_enabled, external_emergency_signal_fingerprint, 6 more } | null
PUT/accounts/{account_id}/devices/settings
Patch device settings for a Zero Trust account
client.zeroTrust.devices.settings.edit(SettingEditParams { account_id, disable_for_time, external_emergency_signal_enabled, 7 more } params, RequestOptionsoptions?): DeviceSettings { disable_for_time, external_emergency_signal_enabled, external_emergency_signal_fingerprint, 6 more } | null
PATCH/accounts/{account_id}/devices/settings
Reset device settings for a Zero Trust account with defaults. This turns off all proxying.
client.zeroTrust.devices.settings.delete(SettingDeleteParams { account_id } params, RequestOptionsoptions?): DeviceSettings { disable_for_time, external_emergency_signal_enabled, external_emergency_signal_fingerprint, 6 more } | null
DELETE/accounts/{account_id}/devices/settings
ModelsExpand Collapse
DeviceSettings { disable_for_time, external_emergency_signal_enabled, external_emergency_signal_fingerprint, 6 more }
disable_for_time?: number

Sets the time limit, in seconds, that a user can use an override code to bypass WARP.

external_emergency_signal_enabled?: boolean

Controls whether the external emergency disconnect feature is enabled.

external_emergency_signal_fingerprint?: string

The SHA256 fingerprint (64 hexadecimal characters) of the HTTPS server certificate for the external_emergency_signal_url. If provided, the WARP client will use this value to verify the server’s identity. The device will ignore any response if the server’s certificate fingerprint does not exactly match this value.

external_emergency_signal_interval?: string

The interval at which the WARP client fetches the emergency disconnect signal, formatted as a duration string (e.g., “5m”, “2m30s”, “1h”). Minimum 30 seconds.

external_emergency_signal_url?: string

The HTTPS URL from which to fetch the emergency disconnect signal. Must use HTTPS and have an IPv4 or IPv6 address as the host.

gateway_proxy_enabled?: boolean

Enable gateway proxy filtering on TCP.

gateway_udp_proxy_enabled?: boolean

Enable gateway proxy filtering on UDP.

root_certificate_installation_enabled?: boolean

Enable installation of cloudflare managed root certificate.

use_zt_virtual_ip?: boolean

Enable using CGNAT virtual IPv4.