Cloudflare API | Cloudforce One

Creating a request adds the request into the Cloudforce One queue for analysis. In addition to the content, a short title, type, priority, and releasability should be provided. If one is not provided, a default will be assigned.

Delete A Request -> { errors, messages, success }

delete/accounts/{account_identifier}/cloudforce-one/requests/{request_identifier}

Delete a Request

Get A Request -> Envelope<

Item

get/accounts/{account_identifier}/cloudforce-one/requests/{request_identifier}

Get a Request

List Requests -> SinglePage<

ListItem

post/accounts/{account_identifier}/cloudforce-one/requests

List Requests

Security

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example: X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example: X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Cloudforce One Write

path Parameters

account_identifier: string

(maxLength: 32)

Identifier

Body parameters

page: number

Page number of results

per_page: number

Number of results per page

completed_after: string

Optional

(format: date-time)

Retrieve requests completed after this time

completed_before: string

Optional

(format: date-time)

Retrieve requests completed before this time

created_after: string

Optional

(format: date-time)

Retrieve requests created after this time

created_before: string

Optional

(format: date-time)

Retrieve requests created before this time

request_type: string

Optional

Requested information from request

sort_by: string

Optional

Field to sort results by

sort_order: "asc" | "desc"

Optional

Sort order (asc or desc)

status: "open" | "accepted" | "reported" | 3 more...

Optional

Request Status

Response fields

errors: Array<

ResponseInfo

messages: Array<

ResponseInfo

success: true

Whether the API call was successful

result: Array<

ListItem

Optional

Request example

curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_IDENTIFIER/cloudforce-one/requests \
    -H 'Content-Type: application/json' \
    -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \
    -H "X-Auth-Key: $CLOUDFLARE_API_KEY" \
    -d '{
      "page": 0,
      "per_page": 10,
      "completed_after": "2022-01-01T00:00:00Z",
      "completed_before": "2024-01-01T00:00:00Z",
      "created_after": "2022-01-01T00:00:00Z",
      "created_before": "2024-01-01T00:00:00Z",
      "request_type": "Victomology",
      "sort_by": "created"
    }'

200Example

{
  "errors": [
    {
      "code": 1000,
      "message": "message"
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message"
    }
  ],
  "success": true,
  "result": [
    {
      "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
      "created": "2022-04-01T00:00:00Z",
      "priority": "routine",
      "request": "Victomology",
      "summary": "DoS attack",
      "tlp": "clear",
      "updated": "2022-04-01T00:00:00Z",
      "completed": "2024-01-01T00:00:00Z",
      "message_tokens": 16,
      "readable_id": "RFI-2022-000001",
      "status": "open",
      "tokens": 0
    }
  ]
}

Get Request Quota -> Envelope<

Quota

get/accounts/{account_identifier}/cloudforce-one/requests/quota

Get Request Quota

Get Request Types -> SinglePage<string>

get/accounts/{account_identifier}/cloudforce-one/requests/types

Get Request Types

Update A Request -> Envelope<

Item

put/accounts/{account_identifier}/cloudforce-one/requests/{request_identifier}

Updating a request alters the request in the Cloudforce One queue. This API may be used to update any attributes of the request after the initial submission. Only fields that you choose to update need to be add to the request body.

Domain types

Item = { id, content, created, 10 more... }

ListItem = { id, created, priority, 9 more... }

Quota = { anniversary_date, quarter_anniversary_date, quota, 1 more... }

RequestConstants = { priority, status, tlp }

RequestTypes = Array<string>

Cloudforce One Requests

Assets

cloudforce_one.requests.assets

Methods

List Request Assets -> SinglePage<{ id, name, created, 2 more... }>

post/accounts/{account_identifier}/cloudforce-one/requests/{request_identifier}/asset

List Request Assets

Delete A Request Asset -> { errors, messages, success }

delete/accounts/{account_identifier}/cloudforce-one/requests/{request_identifier}/asset/{asset_identifer}

Delete a Request Asset

Get A Request Asset -> SinglePage<{ id, name, created, 2 more... }>

get/accounts/{account_identifier}/cloudforce-one/requests/{request_identifier}/asset/{asset_identifer}

Get a Request Asset

Update A Request Asset -> Envelope<{ id, name, created, 2 more... }>

put/accounts/{account_identifier}/cloudforce-one/requests/{request_identifier}/asset/{asset_identifer}

Update a Request Asset

Cloudforce One Requests

Message

cloudforce_one.requests.message

Methods

Create A New Request Message -> Envelope<

Message

post/accounts/{account_identifier}/cloudforce-one/requests/{request_identifier}/message/new

Create a New Request Message

Delete A Request Message -> { errors, messages, success }

delete/accounts/{account_identifier}/cloudforce-one/requests/{request_identifier}/message/{message_identifer}

Delete a Request Message

List Request Messages -> SinglePage<

Message

post/accounts/{account_identifier}/cloudforce-one/requests/{request_identifier}/message

List Request Messages

Update A Request Message -> Envelope<

Message

put/accounts/{account_identifier}/cloudforce-one/requests/{request_identifier}/message/{message_identifer}

Update a Request Message

Domain types

Message = { id, author, content, 3 more... }

Cloudforce One Requests

Priority

cloudforce_one.requests.priority

Methods

Create A New Priority Intelligence Requirement -> Envelope<

Priority

post/accounts/{account_identifier}/cloudforce-one/requests/priority/new

Create a New Priority Intelligence Requirement

Delete A Priority Intelligence Requirement -> { errors, messages, success }

delete/accounts/{account_identifier}/cloudforce-one/requests/priority/{priority_identifer}

Delete a Priority Intelligence Requirement

Get A Priority Intelligence Requirement -> Envelope<

Item

get/accounts/{account_identifier}/cloudforce-one/requests/priority/{priority_identifer}

Get a Priority Intelligence Requirement

Get Priority Intelligence Requirement Quota -> Envelope<

Quota

get/accounts/{account_identifier}/cloudforce-one/requests/priority/quota

Get Priority Intelligence Requirement Quota

Update A Priority Intelligence Requirement -> Envelope<

Item

put/accounts/{account_identifier}/cloudforce-one/requests/priority/{priority_identifer}

Update a Priority Intelligence Requirement

Domain types

Label = string

Priority = { id, created, labels, 4 more... }

PriorityEdit = { labels, priority, requirement, 1 more... }

Cloudforce One

Scans

cloudforce_one.scans

Cloudforce One Scans

Config

cloudforce_one.scans.config

Methods

Create A New Scan Config -> Envelope<{ id, account_id, frequency, 2 more... }>

post/accounts/{account_id}/cloudforce-one/scans/config

Create a new Scan Config

Delete A Scan Config -> Envelope<unknown>

delete/accounts/{account_id}/cloudforce-one/scans/config/{config_id}

Delete a Scan Config

Update An Existing Scan Config -> Envelope<{ id, account_id, frequency, 2 more... }>

patch/accounts/{account_id}/cloudforce-one/scans/config/{config_id}

Update an existing Scan Config

List Scan Configs -> SinglePage<{ id, account_id, frequency, 2 more... }>

get/accounts/{account_id}/cloudforce-one/scans/config

List Scan Configs

Cloudforce One Scans

Results

cloudforce_one.scans.results

Methods

Get The Latest Scan Result -> Envelope<{ 1.1.1.1 }>

get/accounts/{account_id}/cloudforce-one/scans/results/{config_id}

Get the Latest Scan Result

Domain types

ScanResult = { number, proto, status }

Cloudforce One

Threat Events

cloudforce_one.threat_events

Methods

Creates Bulk Events -> Array<{ id, accountId, attacker, 24 more... }>

post/accounts/{account_id}/cloudforce-one/events/create/bulk

The datasetId parameter must be defined. To list existing datasets (and their IDs) in your account, use the List Datasets endpoint.

Creates A New Event -> { id, accountId, attacker, 24 more... }

post/accounts/{account_id}/cloudforce-one/events/create

Events must be created in a client-specific dataset, which means the datasetId parameter must be defined. To create a dataset, see the Create Dataset endpoint.

Deletes An Event -> { uuid }

delete/accounts/{account_id}/cloudforce-one/events/{event_id}

The datasetId parameter must be defined. To list existing datasets (and their IDs) in your account, use the List Datasets endpoint.

Updates An Event -> { id, accountId, attacker, 24 more... }

patch/accounts/{account_id}/cloudforce-one/events/{event_id}

Updates an event

Reads An Event -> { id, accountId, attacker, 24 more... }

get/accounts/{account_id}/cloudforce-one/events/{event_id}

Reads an event

Cloudforce One Threat Events

Attackers

cloudforce_one.threat_events.attackers

Methods

Lists Attackers -> { items, type }

get/accounts/{account_id}/cloudforce-one/events/attackers

Lists attackers

Countries

cloudforce_one.threat_events.countries

Methods

Retrieves Countries Information For All Countries -> Array<{ result, success }>

get/accounts/{account_id}/cloudforce-one/events/countries

Retrieves countries information for all countries

Cloudforce One Threat Events

Crons

cloudforce_one.threat_events.crons

Methods

Reads The Last Cron Update Time -> { id, update }

patch/accounts/{account_id}/cloudforce-one/events/cron

Reads the last cron update time

Reads The Last Cron Update Time -> { update }

get/accounts/{account_id}/cloudforce-one/events/cron

Reads the last cron update time

Cloudforce One Threat Events

Datasets

cloudforce_one.threat_events.datasets

Methods

Creates A Dataset -> { isPublic, name, uuid }

post/accounts/{account_id}/cloudforce-one/events/dataset/create

Creates a dataset

Updates An Existing Dataset -> { isPublic, name, uuid }

patch/accounts/{account_id}/cloudforce-one/events/dataset/{dataset_id}

Updates an existing dataset

Reads A Dataset -> { isPublic, name, uuid }

get/accounts/{account_id}/cloudforce-one/events/dataset/{dataset_id}

Reads a dataset

Lists All Datasets In An Account -> Array<{ isPublic, name, uuid }>

get/accounts/{account_id}/cloudforce-one/events/dataset

Lists all datasets in an account

Reads Data For A Raw Event -> { id, accountId, created, 3 more... }

get/accounts/{account_id}/cloudforce-one/events/raw/{dataset_id}/{event_id}

Reads data for a raw event

Cloudforce One Threat Events

Event Tags

cloudforce_one.threat_events.event_tags

Methods

Adds A Tag To An Event -> Envelope<{ success }>

post/accounts/{account_id}/cloudforce-one/events/event_tag/{event_id}/create

Adds a tag to an event

Removes A Tag From An Event -> Envelope<{ success }>

delete/accounts/{account_id}/cloudforce-one/events/event_tag/{event_id}

Removes a tag from an event

Cloudforce One Threat Events

Indicator Types

cloudforce_one.threat_events.indicator_types

Methods

Lists All Indicator Types -> { items, type }

get/accounts/{account_id}/cloudforce-one/events/indicatorTypes

Lists all indicator types

Cloudforce One Threat Events

Insights

cloudforce_one.threat_events.insights

Methods

Adds An Insight To An Event -> Envelope<{ content, uuid }>

post/accounts/{account_id}/cloudforce-one/events/{event_id}/insight/create

Adds an insight to an event

Deletes An Event Insight -> Envelope<{ success }>

delete/accounts/{account_id}/cloudforce-one/events/{event_id}/insight/{insight_id}

Deletes an event insight

Updates An Event Insight -> Envelope<{ content, uuid }>

patch/accounts/{account_id}/cloudforce-one/events/{event_id}/insight/{insight_id}

Updates an event insight

Reads An Event Insight -> Envelope<{ content, uuid }>

get/accounts/{account_id}/cloudforce-one/events/{event_id}/insight/{insight_id}

Reads an event insight

Cloudforce One Threat Events

Raw

cloudforce_one.threat_events.raw

Methods

Updates A Raw Event -> { id, data }

patch/accounts/{account_id}/cloudforce-one/events/{event_id}/raw/{raw_id}

Updates a raw event

Reads Data For A Raw Event -> { id, accountId, created, 3 more... }

get/accounts/{account_id}/cloudforce-one/events/{event_id}/raw/{raw_id}

Reads data for a raw event

Cloudforce One Threat Events

Relate

cloudforce_one.threat_events.relate

Methods

Removes An Event Reference -> Envelope<{ success }>

delete/accounts/{account_id}/cloudforce-one/events/relate/{event_id}

Removes an event reference

Cloudforce One Threat Events

Target Industries

cloudforce_one.threat_events.target_industries

Methods

Lists All Target Industries -> { items, type }

get/accounts/{account_id}/cloudforce-one/events/targetIndustries

Lists all target industries

Cloudforce One

Requests

Assets

Message

Priority

Scans

Config

Results

Threat Events

Attackers

Categories

Countries

Crons

Datasets

Event Tags

Indicator Types

Insights

Raw

Relate

Tags

Target Industries