# Risk Scoring ## Get risk event/score information for a specific user `client.zeroTrust.riskScoring.get(stringuserId, RiskScoringGetParamsparams, RequestOptionsoptions?): RiskScoringGetResponse` **get** `/accounts/{account_id}/zt_risk_scoring/{user_id}` Retrieves the detailed risk score breakdown for a specific user, including contributing factors. ### Parameters - `userId: string` - `params: RiskScoringGetParams` - `account_id: string` ### Returns - `RiskScoringGetResponse` - `email: string` - `events: Array` - `id: string` - `name: string` - `risk_level: "low" | "medium" | "high"` - `"low"` - `"medium"` - `"high"` - `timestamp: string` - `event_details?: unknown` - `name: string` - `last_reset_time?: string | null` - `risk_level?: "low" | "medium" | "high"` - `"low"` - `"medium"` - `"high"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const riskScoring = await client.zeroTrust.riskScoring.get('182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e', { account_id: 'account_id', }); console.log(riskScoring.email); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "email": "email", "events": [ { "id": "id", "name": "name", "risk_level": "low", "timestamp": "2019-12-27T18:11:19.117Z", "event_details": {} } ], "name": "name", "last_reset_time": "2019-12-27T18:11:19.117Z", "risk_level": "low" }, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Clear the risk score for a particular user `client.zeroTrust.riskScoring.reset(stringuserId, RiskScoringResetParamsparams, RequestOptionsoptions?): RiskScoringResetResponse | null` **post** `/accounts/{account_id}/zt_risk_scoring/{user_id}/reset` Resets risk scores for specified users, clearing their accumulated risk history. ### Parameters - `userId: string` - `params: RiskScoringResetParams` - `account_id: string` ### Returns - `RiskScoringResetResponse = unknown` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const response = await client.zeroTrust.riskScoring.reset('182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e', { account_id: 'account_id', }); console.log(response); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": {} } ``` ## Domain Types ### Risk Scoring Get Response - `RiskScoringGetResponse` - `email: string` - `events: Array` - `id: string` - `name: string` - `risk_level: "low" | "medium" | "high"` - `"low"` - `"medium"` - `"high"` - `timestamp: string` - `event_details?: unknown` - `name: string` - `last_reset_time?: string | null` - `risk_level?: "low" | "medium" | "high"` - `"low"` - `"medium"` - `"high"` ### Risk Scoring Reset Response - `RiskScoringResetResponse = unknown` # Behaviours ## Get all behaviors and associated configuration `client.zeroTrust.riskScoring.behaviours.get(BehaviourGetParamsparams, RequestOptionsoptions?): BehaviourGetResponse` **get** `/accounts/{account_id}/zt_risk_scoring/behaviors` Retrieves configured risk score behaviors that define how user actions affect their overall risk score. ### Parameters - `params: BehaviourGetParams` - `account_id: string` ### Returns - `BehaviourGetResponse` - `behaviors: Record` - `description: string` - `enabled: boolean` - `name: string` - `risk_level: "low" | "medium" | "high"` - `"low"` - `"medium"` - `"high"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const behaviour = await client.zeroTrust.riskScoring.behaviours.get({ account_id: 'account_id' }); console.log(behaviour.behaviors); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "behaviors": { "foo": { "description": "description", "enabled": true, "name": "name", "risk_level": "low" } } } } ``` ## Update configuration for risk behaviors `client.zeroTrust.riskScoring.behaviours.update(BehaviourUpdateParamsparams, RequestOptionsoptions?): BehaviourUpdateResponse` **put** `/accounts/{account_id}/zt_risk_scoring/behaviors` Updates risk score behavior configurations, defining weights and thresholds for risk calculation. ### Parameters - `params: BehaviourUpdateParams` - `account_id: string` Path param: Account ID. - `behaviors: Record` Body param - `enabled: boolean` - `risk_level: "low" | "medium" | "high"` - `"low"` - `"medium"` - `"high"` ### Returns - `BehaviourUpdateResponse` - `behaviors: Record` - `enabled: boolean` - `risk_level: "low" | "medium" | "high"` - `"low"` - `"medium"` - `"high"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const behaviour = await client.zeroTrust.riskScoring.behaviours.update({ account_id: 'account_id', behaviors: { foo: { enabled: true, risk_level: 'low' } }, }); console.log(behaviour.behaviors); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "behaviors": { "foo": { "enabled": true, "risk_level": "low" } } } } ``` ## Domain Types ### Behaviour Get Response - `BehaviourGetResponse` - `behaviors: Record` - `description: string` - `enabled: boolean` - `name: string` - `risk_level: "low" | "medium" | "high"` - `"low"` - `"medium"` - `"high"` ### Behaviour Update Response - `BehaviourUpdateResponse` - `behaviors: Record` - `enabled: boolean` - `risk_level: "low" | "medium" | "high"` - `"low"` - `"medium"` - `"high"` # Summary ## Get risk score info for all users in the account `client.zeroTrust.riskScoring.summary.get(SummaryGetParamsparams, RequestOptionsoptions?): SummaryGetResponse` **get** `/accounts/{account_id}/zt_risk_scoring/summary` Gets an aggregate summary of risk scores across the account, including distribution and trends. ### Parameters - `params: SummaryGetParams` - `account_id: string` ### Returns - `SummaryGetResponse` - `users: Array` - `email: string` - `event_count: number` - `last_event: string` - `max_risk_level: "low" | "medium" | "high"` - `"low"` - `"medium"` - `"high"` - `name: string` - `user_id: string` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const summary = await client.zeroTrust.riskScoring.summary.get({ account_id: 'account_id' }); console.log(summary.users); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "users": [ { "email": "email", "event_count": 0, "last_event": "2019-12-27T18:11:19.117Z", "max_risk_level": "low", "name": "name", "user_id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e" } ] }, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Domain Types ### Summary Get Response - `SummaryGetResponse` - `users: Array` - `email: string` - `event_count: number` - `last_event: string` - `max_risk_level: "low" | "medium" | "high"` - `"low"` - `"medium"` - `"high"` - `name: string` - `user_id: string` # Integrations ## List all risk score integrations for the account. `client.zeroTrust.riskScoring.integrations.list(IntegrationListParamsparams, RequestOptionsoptions?): SinglePage` **get** `/accounts/{account_id}/zt_risk_scoring/integrations` Lists all configured Zero Trust risk score integrations for the account. ### Parameters - `params: IntegrationListParams` - `account_id: string` ### Returns - `IntegrationListResponse` - `id: string` The id of the integration, a UUIDv4. - `account_tag: string` The Cloudflare account tag. - `active: boolean` Whether this integration is enabled and should export changes in risk score. - `created_at: string` When the integration was created in RFC3339 format. - `integration_type: "Okta"` - `"Okta"` - `reference_id: string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `tenant_url: string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `well_known_url: string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const integrationListResponse of client.zeroTrust.riskScoring.integrations.list({ account_id: 'account_id', })) { console.log(integrationListResponse.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "account_tag": "account_tag", "active": true, "created_at": "2019-12-27T18:11:19.117Z", "integration_type": "Okta", "reference_id": "reference_id", "tenant_url": "tenant_url", "well_known_url": "well_known_url" } ] } ``` ## Get risk score integration by id. `client.zeroTrust.riskScoring.integrations.get(stringintegrationId, IntegrationGetParamsparams, RequestOptionsoptions?): IntegrationGetResponse` **get** `/accounts/{account_id}/zt_risk_scoring/integrations/{integration_id}` Get risk score integration by id. ### Parameters - `integrationId: string` - `params: IntegrationGetParams` - `account_id: string` ### Returns - `IntegrationGetResponse` - `id: string` The id of the integration, a UUIDv4. - `account_tag: string` The Cloudflare account tag. - `active: boolean` Whether this integration is enabled and should export changes in risk score. - `created_at: string` When the integration was created in RFC3339 format. - `integration_type: "Okta"` - `"Okta"` - `reference_id: string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `tenant_url: string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `well_known_url: string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const integration = await client.zeroTrust.riskScoring.integrations.get( '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e', { account_id: 'account_id' }, ); console.log(integration.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "account_tag": "account_tag", "active": true, "created_at": "2019-12-27T18:11:19.117Z", "integration_type": "Okta", "reference_id": "reference_id", "tenant_url": "tenant_url", "well_known_url": "well_known_url" } } ``` ## Create new risk score integration. `client.zeroTrust.riskScoring.integrations.create(IntegrationCreateParamsparams, RequestOptionsoptions?): IntegrationCreateResponse` **post** `/accounts/{account_id}/zt_risk_scoring/integrations` Creates a new Zero Trust risk score integration, connecting external risk signals to Cloudflare's risk scoring system. ### Parameters - `params: IntegrationCreateParams` - `account_id: string` Path param - `integration_type: "Okta"` Body param - `"Okta"` - `tenant_url: string` Body param: The base url of the tenant, e.g. "https://tenant.okta.com". - `reference_id?: string | null` Body param: A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider ### Returns - `IntegrationCreateResponse` - `id: string` The id of the integration, a UUIDv4. - `account_tag: string` The Cloudflare account tag. - `active: boolean` Whether this integration is enabled and should export changes in risk score. - `created_at: string` When the integration was created in RFC3339 format. - `integration_type: "Okta"` - `"Okta"` - `reference_id: string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `tenant_url: string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `well_known_url: string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const integration = await client.zeroTrust.riskScoring.integrations.create({ account_id: 'account_id', integration_type: 'Okta', tenant_url: 'https://example.com', }); console.log(integration.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "account_tag": "account_tag", "active": true, "created_at": "2019-12-27T18:11:19.117Z", "integration_type": "Okta", "reference_id": "reference_id", "tenant_url": "tenant_url", "well_known_url": "well_known_url" } } ``` ## Update a risk score integration. `client.zeroTrust.riskScoring.integrations.update(stringintegrationId, IntegrationUpdateParamsparams, RequestOptionsoptions?): IntegrationUpdateResponse` **put** `/accounts/{account_id}/zt_risk_scoring/integrations/{integration_id}` Overwrite the reference_id, tenant_url, and active values with the ones provided. ### Parameters - `integrationId: string` - `params: IntegrationUpdateParams` - `account_id: string` Path param - `active: boolean` Body param: Whether this integration is enabled. If disabled, no risk changes will be exported to the third-party. - `tenant_url: string` Body param: The base url of the tenant, e.g. "https://tenant.okta.com". - `reference_id?: string | null` Body param: A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider ### Returns - `IntegrationUpdateResponse` - `id: string` The id of the integration, a UUIDv4. - `account_tag: string` The Cloudflare account tag. - `active: boolean` Whether this integration is enabled and should export changes in risk score. - `created_at: string` When the integration was created in RFC3339 format. - `integration_type: "Okta"` - `"Okta"` - `reference_id: string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `tenant_url: string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `well_known_url: string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const integration = await client.zeroTrust.riskScoring.integrations.update( '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e', { account_id: 'account_id', active: true, tenant_url: 'https://example.com', }, ); console.log(integration.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "account_tag": "account_tag", "active": true, "created_at": "2019-12-27T18:11:19.117Z", "integration_type": "Okta", "reference_id": "reference_id", "tenant_url": "tenant_url", "well_known_url": "well_known_url" } } ``` ## Delete a risk score integration. `client.zeroTrust.riskScoring.integrations.delete(stringintegrationId, IntegrationDeleteParamsparams, RequestOptionsoptions?): IntegrationDeleteResponse | null` **delete** `/accounts/{account_id}/zt_risk_scoring/integrations/{integration_id}` Removes a Zero Trust risk score integration, disconnecting the external risk signal source. ### Parameters - `integrationId: string` - `params: IntegrationDeleteParams` - `account_id: string` ### Returns - `IntegrationDeleteResponse = unknown` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const integration = await client.zeroTrust.riskScoring.integrations.delete( '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e', { account_id: 'account_id' }, ); console.log(integration); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": {} } ``` ## Domain Types ### Integration List Response - `IntegrationListResponse` - `id: string` The id of the integration, a UUIDv4. - `account_tag: string` The Cloudflare account tag. - `active: boolean` Whether this integration is enabled and should export changes in risk score. - `created_at: string` When the integration was created in RFC3339 format. - `integration_type: "Okta"` - `"Okta"` - `reference_id: string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `tenant_url: string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `well_known_url: string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Integration Get Response - `IntegrationGetResponse` - `id: string` The id of the integration, a UUIDv4. - `account_tag: string` The Cloudflare account tag. - `active: boolean` Whether this integration is enabled and should export changes in risk score. - `created_at: string` When the integration was created in RFC3339 format. - `integration_type: "Okta"` - `"Okta"` - `reference_id: string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `tenant_url: string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `well_known_url: string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Integration Create Response - `IntegrationCreateResponse` - `id: string` The id of the integration, a UUIDv4. - `account_tag: string` The Cloudflare account tag. - `active: boolean` Whether this integration is enabled and should export changes in risk score. - `created_at: string` When the integration was created in RFC3339 format. - `integration_type: "Okta"` - `"Okta"` - `reference_id: string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `tenant_url: string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `well_known_url: string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Integration Update Response - `IntegrationUpdateResponse` - `id: string` The id of the integration, a UUIDv4. - `account_tag: string` The Cloudflare account tag. - `active: boolean` Whether this integration is enabled and should export changes in risk score. - `created_at: string` When the integration was created in RFC3339 format. - `integration_type: "Okta"` - `"Okta"` - `reference_id: string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `tenant_url: string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `well_known_url: string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Integration Delete Response - `IntegrationDeleteResponse = unknown` # References ## Get risk score integration by reference id. `client.zeroTrust.riskScoring.integrations.references.get(stringreferenceId, ReferenceGetParamsparams, RequestOptionsoptions?): ReferenceGetResponse` **get** `/accounts/{account_id}/zt_risk_scoring/integrations/reference_id/{reference_id}` Retrieves a Zero Trust risk score integration using its external reference ID. ### Parameters - `referenceId: string` - `params: ReferenceGetParams` - `account_id: string` ### Returns - `ReferenceGetResponse` - `id: string` The id of the integration, a UUIDv4. - `account_tag: string` The Cloudflare account tag. - `active: boolean` Whether this integration is enabled and should export changes in risk score. - `created_at: string` When the integration was created in RFC3339 format. - `integration_type: "Okta"` - `"Okta"` - `reference_id: string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `tenant_url: string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `well_known_url: string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const reference = await client.zeroTrust.riskScoring.integrations.references.get('reference_id', { account_id: 'account_id', }); console.log(reference.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "account_tag": "account_tag", "active": true, "created_at": "2019-12-27T18:11:19.117Z", "integration_type": "Okta", "reference_id": "reference_id", "tenant_url": "tenant_url", "well_known_url": "well_known_url" } } ``` ## Domain Types ### Reference Get Response - `ReferenceGetResponse` - `id: string` The id of the integration, a UUIDv4. - `account_tag: string` The Cloudflare account tag. - `active: boolean` Whether this integration is enabled and should export changes in risk score. - `created_at: string` When the integration was created in RFC3339 format. - `integration_type: "Okta"` - `"Okta"` - `reference_id: string` A reference ID defined by the client. Should be set to the Access-Okta IDP integration ID. Useful when the risk-score integration needs to be associated with a secondary asset and recalled using that ID. - `tenant_url: string` The base URL for the tenant. E.g. "https://tenant.okta.com". - `well_known_url: string` The URL for the Shared Signals Framework configuration, e.g. "/.well-known/sse-configuration/{integration_uuid}/". https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1.