Accounts

List Accounts

accounts.list() -> SyncV4PagePaginationArray[Account]

GET/accounts

Account Details

accounts.get() -> Account

GET/accounts/{account_id}

Create an account

accounts.create() -> Account

POST/accounts

Update Account

accounts.update() -> Account

PUT/accounts/{account_id}

Delete a specific account

accounts.delete() -> AccountDeleteResponse

DELETE/accounts/{account_id}

ModelsExpand Collapse

class Account: …

id: str

Identifier

maxLength32

minLength32

Account name

maxLength100

type: Literal["standard", "enterprise"]

One of the following:

"standard"

"enterprise"

created_on: Optional[datetime]

Timestamp for the creation of the account

formatdate-time

managed_by: Optional[ManagedBy]

Parent container details

parent_org_id: Optional[str]

ID of the parent Organization, if one exists

maxLength32

parent_org_name: Optional[str]

Name of the parent Organization, if one exists

settings: Optional[Settings]

Account settings

abuse_contact_email: Optional[str]

Sets an abuse contact email to notify for abuse reports.

enforce_twofactor: Optional[bool]

Indicates whether membership in this account requires that Two-Factor Authentication is enabled

class AccountDeleteResponse: …

id: str

Identifier

maxLength32

minLength32

AccountsAccount Organizations

AccountsAccount Profile

AccountsMembers

List Members

accounts.members.list() -> SyncV4PagePaginationArray[Member]

GET/accounts/{account_id}/members

Member Details

accounts.members.get(, ) -> Member

GET/accounts/{account_id}/members/{member_id}

Add Member

accounts.members.create() -> Member

POST/accounts/{account_id}/members

Update Member

accounts.members.update(, ) -> Member

PUT/accounts/{account_id}/members/{member_id}

Remove Member

accounts.members.delete(, ) -> MemberDeleteResponse

DELETE/accounts/{account_id}/members/{member_id}

ModelsExpand Collapse

Literal["member", "invited"]

Whether the user is a member of the organization or has an invitation pending.

One of the following:

"member"

"invited"

class MemberDeleteResponse: …

id: str

Identifier

maxLength32

minLength32

AccountsRoles

List Roles

accounts.roles.list() -> SyncV4PagePaginationArray[Role]

GET/accounts/{account_id}/roles

Role Details

accounts.roles.get(, ) -> Role

GET/accounts/{account_id}/roles/{role_id}

AccountsSubscriptions

List Subscriptions

accounts.subscriptions.get() -> SyncSinglePage[Subscription]

GET/accounts/{account_id}/subscriptions

Create Subscription

accounts.subscriptions.create() -> Subscription

POST/accounts/{account_id}/subscriptions

Update Subscription

accounts.subscriptions.update(, ) -> Subscription

PUT/accounts/{account_id}/subscriptions/{subscription_identifier}

Delete Subscription

accounts.subscriptions.delete(, ) -> SubscriptionDeleteResponse

DELETE/accounts/{account_id}/subscriptions/{subscription_identifier}

ModelsExpand Collapse

class SubscriptionDeleteResponse: …

subscription_id: Optional[str]

Subscription identifier tag.

maxLength32

AccountsTokens

List Tokens

accounts.tokens.list() -> SyncV4PagePaginationArray[Token]

GET/accounts/{account_id}/tokens

Token Details

accounts.tokens.get(, ) -> Token

GET/accounts/{account_id}/tokens/{token_id}

Create Token

accounts.tokens.create() -> TokenCreateResponse

POST/accounts/{account_id}/tokens

Update Token

accounts.tokens.update(, ) -> Token

PUT/accounts/{account_id}/tokens/{token_id}

Delete Token

accounts.tokens.delete(, ) -> TokenDeleteResponse

DELETE/accounts/{account_id}/tokens/{token_id}

Verify Token

accounts.tokens.verify() -> TokenVerifyResponse

GET/accounts/{account_id}/tokens/verify

ModelsExpand Collapse

class TokenCreateResponse: …

id: Optional[str]

Token identifier tag.

maxLength32

condition: Optional[Condition]

request_ip: Optional[ConditionRequestIP]

Client IP restrictions.

in_: Optional[List[TokenConditionCIDRList]]

List of IPv4/IPv6 CIDR addresses.

not_in: Optional[List[TokenConditionCIDRList]]

List of IPv4/IPv6 CIDR addresses.

expires_on: Optional[datetime]

The expiration time on or after which the JWT MUST NOT be accepted for processing.

formatdate-time

issued_on: Optional[datetime]

The time on which the token was created.

formatdate-time

last_used_on: Optional[datetime]

Last time the token was used.

formatdate-time

modified_on: Optional[datetime]

Last time the token was modified.

formatdate-time

Token name.

maxLength120

not_before: Optional[datetime]

The time before which the token MUST NOT be accepted for processing.

formatdate-time

policies: Optional[List[TokenPolicy]]

List of access policies assigned to the token.

id: str

Policy identifier.

effect: Literal["allow", "deny"]

Allow or deny operations against the resources.

One of the following:

"allow"

"deny"

permission_groups: List[PermissionGroup]

A set of permission groups that are specified to the policy.

id: str

Identifier of the permission group.

meta: Optional[PermissionGroupMeta]

Attributes associated to the permission group.

key: Optional[str]

value: Optional[str]

Name of the permission group.

resources: Union[Dict[str, str], Dict[str, Dict[str, str]]]

A list of resource names that the policy applies to.

One of the following:

Dict[str, str]

Map of simple string resource permissions

Dict[str, Dict[str, str]]

Map of nested resource permissions

status: Optional[Literal["active", "disabled", "expired"]]

Status of the token.

One of the following:

"active"

"disabled"

"expired"

value: Optional[TokenValue]

The token value.

maxLength80

minLength40

class TokenDeleteResponse: …

id: str

Identifier

maxLength32

minLength32

class TokenVerifyResponse: …

id: str

Token identifier tag.

maxLength32

status: Literal["active", "disabled", "expired"]

Status of the token.

One of the following:

"active"

"disabled"

"expired"

expires_on: Optional[datetime]

The expiration time on or after which the JWT MUST NOT be accepted for processing.

formatdate-time

not_before: Optional[datetime]

The time before which the token MUST NOT be accepted for processing.

formatdate-time

AccountsTokensPermission Groups

List Permission Groups

accounts.tokens.permission_groups.list() -> SyncSinglePage[PermissionGroupListResponse]

GET/accounts/{account_id}/tokens/permission_groups

List Permission Groups

accounts.tokens.permission_groups.get() -> PermissionGroupGetResponse

GET/accounts/{account_id}/tokens/permission_groups

ModelsExpand Collapse

class PermissionGroupListResponse: …

id: Optional[str]

Public ID.

Permission Group Name

scopes: Optional[List[Literal["com.cloudflare.api.account", "com.cloudflare.api.account.zone", "com.cloudflare.api.user", "com.cloudflare.edge.r2.bucket"]]]

Resources to which the Permission Group is scoped

One of the following:

"com.cloudflare.api.account"

"com.cloudflare.api.account.zone"

"com.cloudflare.api.user"

"com.cloudflare.edge.r2.bucket"

List[PermissionGroupGetResponseItem]

id: Optional[str]

Public ID.

Permission Group Name

scopes: Optional[List[Literal["com.cloudflare.api.account", "com.cloudflare.api.account.zone", "com.cloudflare.api.user", "com.cloudflare.edge.r2.bucket"]]]

Resources to which the Permission Group is scoped

One of the following:

"com.cloudflare.api.account"

"com.cloudflare.api.account.zone"

"com.cloudflare.api.user"

"com.cloudflare.edge.r2.bucket"

AccountsTokensValue

Roll Token

accounts.tokens.value.update(, ) -> TokenValue

PUT/accounts/{account_id}/tokens/{token_id}/value

AccountsLogs

AccountsLogsAudit

Get account audit logs (Version 2)

accounts.logs.audit.list() -> SyncCursorPaginationAfter[AuditListResponse]

GET/accounts/{account_id}/logs/audit

ModelsExpand Collapse

class AuditListResponse: …

id: Optional[str]

A unique identifier for the audit log entry.

maxLength32

account: Optional[Account]

Contains account related information.

id: Optional[str]

A unique identifier for the account.

A string that identifies the account name.

action: Optional[Action]

Provides information about the action performed.

description: Optional[str]

A short description of the action performed.

result: Optional[str]

The result of the action, indicating success or failure.

time: Optional[datetime]

A timestamp indicating when the action was logged.

formatdate-time

type: Optional[str]

A short string that describes the action that was performed.

actor: Optional[Actor]

Provides details about the actor who performed the action.

id: Optional[str]

The ID of the actor who performed the action. If a user performed the action, this will be their User ID.

context: Optional[Literal["api_key", "api_token", "dash", 2 more]]

One of the following:

"api_key"

"api_token"

"dash"

"oauth"

"origin_ca_key"

email: Optional[str]

The email of the actor who performed the action.

formatemail

ip_address: Optional[str]

The IP address of the request that performed the action.

token_id: Optional[str]

The API token ID when the actor context is an api_token or oauth.

token_name: Optional[str]

The API token name when the actor context is an api_token or oauth.

type: Optional[Literal["account", "cloudflare_admin", "system", "user"]]

The type of actor.

One of the following:

"account"

"cloudflare_admin"

"system"

"user"

raw: Optional[Raw]

Provides raw information about the request and response.

cf_rayid: Optional[str]

The Cloudflare Ray ID for the request.

method: Optional[str]

The HTTP method of the request.

status_code: Optional[int]

The HTTP response status code returned by the API.

uri: Optional[str]

The URI of the request.

user_agent: Optional[str]

The client's user agent string sent with the request.

resource: Optional[Resource]

Provides details about the affected resource.

id: Optional[str]

The unique identifier for the affected resource.

product: Optional[str]

The Cloudflare product associated with the resource.

request: Optional[object]

response: Optional[object]

scope: Optional[object]

The scope of the resource.

type: Optional[str]

The type of the resource.

zone: Optional[Zone]

Provides details about the zone affected by the action.

id: Optional[str]

A string that identifies the zone id.

A string that identifies the zone name.