Skip to content
Cloudflare API
Start here
API Reference

User

User Details
user.get() -> UserGetResponse
GET/user
Edit User
user.edit(UserEditParams**kwargs) -> UserEditResponse
PATCH/user
ModelsExpand Collapse
class UserGetResponse:
id: Optional[str]

Identifier of the user.

betas: Optional[List[str]]

Lists the betas that the user is participating in.

country: Optional[str]

The country in which the user lives.

maxLength30
first_name: Optional[str]

User's first name

maxLength60
has_business_zones: Optional[bool]

Indicates whether user has any business zones

has_enterprise_zones: Optional[bool]

Indicates whether user has any enterprise zones

has_pro_zones: Optional[bool]

Indicates whether user has any pro zones

last_name: Optional[str]

User's last name

maxLength60
organizations: Optional[List[Organization]]
id: Optional[str]

Identifier

maxLength32
minLength32
name: Optional[str]

Organization name.

maxLength100
permissions: Optional[List[Permission]]

Access permissions for this User.

roles: Optional[List[str]]

List of roles that a user has within an organization.

status: Optional[Status]

Whether the user is a member of the organization or has an invitation pending.

suspended: Optional[bool]

Indicates whether user has been suspended

telephone: Optional[str]

User's telephone number

maxLength20
two_factor_authentication_enabled: Optional[bool]

Indicates whether two-factor authentication is enabled for the user account. Does not apply to API authentication.

two_factor_authentication_locked: Optional[bool]

Indicates whether two-factor authentication is required by one of the accounts that the user is a member of.

zipcode: Optional[str]

The zipcode or postal code where the user lives.

maxLength20
class UserEditResponse:
id: Optional[str]

Identifier of the user.

betas: Optional[List[str]]

Lists the betas that the user is participating in.

country: Optional[str]

The country in which the user lives.

maxLength30
first_name: Optional[str]

User's first name

maxLength60
has_business_zones: Optional[bool]

Indicates whether user has any business zones

has_enterprise_zones: Optional[bool]

Indicates whether user has any enterprise zones

has_pro_zones: Optional[bool]

Indicates whether user has any pro zones

last_name: Optional[str]

User's last name

maxLength60
organizations: Optional[List[Organization]]
id: Optional[str]

Identifier

maxLength32
minLength32
name: Optional[str]

Organization name.

maxLength100
permissions: Optional[List[Permission]]

Access permissions for this User.

roles: Optional[List[str]]

List of roles that a user has within an organization.

status: Optional[Status]

Whether the user is a member of the organization or has an invitation pending.

suspended: Optional[bool]

Indicates whether user has been suspended

telephone: Optional[str]

User's telephone number

maxLength20
two_factor_authentication_enabled: Optional[bool]

Indicates whether two-factor authentication is enabled for the user account. Does not apply to API authentication.

two_factor_authentication_locked: Optional[bool]

Indicates whether two-factor authentication is required by one of the accounts that the user is a member of.

zipcode: Optional[str]

The zipcode or postal code where the user lives.

maxLength20

UserAudit Logs

Get user audit logs
user.audit_logs.list(AuditLogListParams**kwargs) -> SyncV4PagePaginationArray[AuditLog]
GET/user/audit_logs

UserBilling

UserBillingHistory

Billing History Details
Deprecated
user.billing.history.list(HistoryListParams**kwargs) -> SyncV4PagePaginationArray[BillingHistory]
GET/user/billing/history
ModelsExpand Collapse
class BillingHistory:
id: str

Billing item identifier tag.

maxLength32
action: str

The billing item action.

maxLength30
amount: float

The amount associated with this billing item.

currency: str

The monetary unit in which pricing information is displayed.

description: str

The billing item description.

maxLength255
occurred_at: datetime

When the billing item was created.

formatdate-time
type: str

The billing item type.

maxLength30
zone: Zone
name: Optional[str]

UserBillingProfile

Billing Profile Details
Deprecated
user.billing.profile.get() -> ProfileGetResponse
GET/user/billing/profile
ModelsExpand Collapse
class ProfileGetResponse:
id: Optional[str]

Billing item identifier tag.

maxLength32
account_type: Optional[str]
address: Optional[str]
address2: Optional[str]
balance: Optional[str]
card_expiry_month: Optional[int]
card_expiry_year: Optional[int]
card_number: Optional[str]
city: Optional[str]
company: Optional[str]
country: Optional[str]
created_on: Optional[datetime]
formatdate-time
device_data: Optional[str]
edited_on: Optional[datetime]
formatdate-time
enterprise_billing_email: Optional[str]
enterprise_primary_email: Optional[str]
first_name: Optional[str]
is_partner: Optional[bool]
last_name: Optional[str]
next_bill_date: Optional[datetime]
formatdate-time
payment_address: Optional[str]
payment_address2: Optional[str]
payment_city: Optional[str]
payment_country: Optional[str]
payment_email: Optional[str]
payment_first_name: Optional[str]
payment_gateway: Optional[str]
payment_last_name: Optional[str]
payment_nonce: Optional[str]
payment_state: Optional[str]
payment_zipcode: Optional[str]
primary_email: Optional[str]
state: Optional[str]
tax_id_type: Optional[str]
telephone: Optional[str]
use_legacy: Optional[bool]
validation_code: Optional[str]
vat: Optional[str]
zipcode: Optional[str]

UserInvites

List Invitations
user.invites.list() -> SyncSinglePage[Invite]
GET/user/invites
Invitation Details
user.invites.get(strinvite_id) -> Invite
GET/user/invites/{invite_id}
Respond to Invitation
user.invites.edit(strinvite_id, InviteEditParams**kwargs) -> Invite
PATCH/user/invites/{invite_id}
ModelsExpand Collapse
class Invite:
invited_member_id: Optional[str]

ID of the user to add to the organization.

maxLength32
organization_id: str

ID of the organization the user will be added to.

maxLength32
id: Optional[str]

Invite identifier tag.

maxLength32
expires_on: Optional[datetime]

When the invite is no longer active.

formatdate-time
invited_by: Optional[str]

The email address of the user who created the invite.

maxLength90
invited_member_email: Optional[str]

Email address of the user to add to the organization.

maxLength90
invited_on: Optional[datetime]

When the invite was sent.

formatdate-time
organization_is_enforcing_twofactor: Optional[bool]
organization_name: Optional[str]

Organization name.

maxLength100
roles: Optional[List[str]]

List of role names the membership has for this account.

status: Optional[Literal["pending", "accepted", "rejected", "expired"]]

Current status of the invitation.

One of the following:
"pending"
"accepted"
"rejected"
"expired"

UserOrganizations

List Organizations
Deprecated
user.organizations.list(OrganizationListParams**kwargs) -> SyncV4PagePaginationArray[Organization]
GET/user/organizations
Organization Details
Deprecated
user.organizations.get(strorganization_id) -> object
GET/user/organizations/{organization_id}
Leave Organization
Deprecated
user.organizations.delete(strorganization_id) -> OrganizationDeleteResponse
DELETE/user/organizations/{organization_id}
ModelsExpand Collapse
class Organization:
id: Optional[str]

Identifier

maxLength32
minLength32
name: Optional[str]

Organization name.

maxLength100
permissions: Optional[List[Permission]]

Access permissions for this User.

roles: Optional[List[str]]

List of roles that a user has within an organization.

status: Optional[Status]

Whether the user is a member of the organization or has an invitation pending.

class OrganizationDeleteResponse:
id: Optional[str]

Identifier

maxLength32
minLength32

UserSubscriptions

Get User Subscriptions
user.subscriptions.get() -> SyncSinglePage[Subscription]
GET/user/subscriptions
Update User Subscription
user.subscriptions.update(stridentifier, SubscriptionUpdateParams**kwargs) -> SubscriptionUpdateResponse
PUT/user/subscriptions/{identifier}
Delete User Subscription
user.subscriptions.delete(stridentifier) -> SubscriptionDeleteResponse
DELETE/user/subscriptions/{identifier}
ModelsExpand Collapse
Union[Optional[str], Optional[object]]
One of the following:
Optional[str]
Optional[object]
class SubscriptionDeleteResponse:
subscription_id: Optional[str]

Subscription identifier tag.

maxLength32

UserTokens

List Tokens
user.tokens.list(TokenListParams**kwargs) -> SyncV4PagePaginationArray[Token]
GET/user/tokens
Token Details
user.tokens.get(strtoken_id) -> Token
GET/user/tokens/{token_id}
Create Token
user.tokens.create(TokenCreateParams**kwargs) -> TokenCreateResponse
POST/user/tokens
Update Token
user.tokens.update(strtoken_id, TokenUpdateParams**kwargs) -> Token
PUT/user/tokens/{token_id}
Delete Token
user.tokens.delete(strtoken_id) -> TokenDeleteResponse
DELETE/user/tokens/{token_id}
Verify Token
user.tokens.verify() -> TokenVerifyResponse
GET/user/tokens/verify
ModelsExpand Collapse
class TokenCreateResponse:
id: Optional[str]

Token identifier tag.

maxLength32
condition: Optional[Condition]
request_ip: Optional[ConditionRequestIP]

Client IP restrictions.

in_: Optional[List[TokenConditionCIDRList]]

List of IPv4/IPv6 CIDR addresses.

not_in: Optional[List[TokenConditionCIDRList]]

List of IPv4/IPv6 CIDR addresses.

expires_on: Optional[datetime]

The expiration time on or after which the JWT MUST NOT be accepted for processing.

formatdate-time
issued_on: Optional[datetime]

The time on which the token was created.

formatdate-time
last_used_on: Optional[datetime]

Last time the token was used.

formatdate-time
modified_on: Optional[datetime]

Last time the token was modified.

formatdate-time
name: Optional[str]

Token name.

maxLength120
not_before: Optional[datetime]

The time before which the token MUST NOT be accepted for processing.

formatdate-time
policies: Optional[List[TokenPolicy]]

List of access policies assigned to the token.

id: str

Policy identifier.

effect: Literal["allow", "deny"]

Allow or deny operations against the resources.

One of the following:
"allow"
"deny"
permission_groups: List[PermissionGroup]

A set of permission groups that are specified to the policy.

id: str

Identifier of the permission group.

meta: Optional[PermissionGroupMeta]

Attributes associated to the permission group.

key: Optional[str]
value: Optional[str]
name: Optional[str]

Name of the permission group.

resources: Union[Dict[str, str], Dict[str, Dict[str, str]]]

A list of resource names that the policy applies to.

One of the following:
Dict[str, str]

Map of simple string resource permissions

Dict[str, Dict[str, str]]

Map of nested resource permissions

status: Optional[Literal["active", "disabled", "expired"]]

Status of the token.

One of the following:
"active"
"disabled"
"expired"
value: Optional[TokenValue]

The token value.

maxLength80
minLength40
class TokenDeleteResponse:
id: str

Identifier

maxLength32
minLength32
class TokenVerifyResponse:
id: str

Token identifier tag.

maxLength32
status: Literal["active", "disabled", "expired"]

Status of the token.

One of the following:
"active"
"disabled"
"expired"
expires_on: Optional[datetime]

The expiration time on or after which the JWT MUST NOT be accepted for processing.

formatdate-time
not_before: Optional[datetime]

The time before which the token MUST NOT be accepted for processing.

formatdate-time

UserTokensPermission Groups

List Token Permission Groups
user.tokens.permission_groups.list(PermissionGroupListParams**kwargs) -> SyncSinglePage[PermissionGroupListResponse]
GET/user/tokens/permission_groups
ModelsExpand Collapse
class PermissionGroupListResponse:
id: Optional[str]

Public ID.

name: Optional[str]

Permission Group Name

scopes: Optional[List[Literal["com.cloudflare.api.account", "com.cloudflare.api.account.zone", "com.cloudflare.api.user", "com.cloudflare.edge.r2.bucket"]]]

Resources to which the Permission Group is scoped

One of the following:
"com.cloudflare.api.account"
"com.cloudflare.api.account.zone"
"com.cloudflare.api.user"
"com.cloudflare.edge.r2.bucket"

UserTokensValue

Roll Token
user.tokens.value.update(strtoken_id, ValueUpdateParams**kwargs) -> TokenValue
PUT/user/tokens/{token_id}/value