# User ## User Details `user.get() -> UserGetResponse` **get** `/user` User Details ### Returns - `class UserGetResponse: …` - `id: Optional[str]` Identifier of the user. - `betas: Optional[List[str]]` Lists the betas that the user is participating in. - `country: Optional[str]` The country in which the user lives. - `first_name: Optional[str]` User's first name - `has_business_zones: Optional[bool]` Indicates whether user has any business zones - `has_enterprise_zones: Optional[bool]` Indicates whether user has any enterprise zones - `has_pro_zones: Optional[bool]` Indicates whether user has any pro zones - `last_name: Optional[str]` User's last name - `organizations: Optional[List[Organization]]` - `id: Optional[str]` Identifier - `name: Optional[str]` Organization name. - `permissions: Optional[List[Permission]]` Access permissions for this User. - `roles: Optional[List[str]]` List of roles that a user has within an organization. - `status: Optional[Status]` Whether the user is a member of the organization or has an invitation pending. - `"member"` - `"invited"` - `suspended: Optional[bool]` Indicates whether user has been suspended - `telephone: Optional[str]` User's telephone number - `two_factor_authentication_enabled: Optional[bool]` Indicates whether two-factor authentication is enabled for the user account. Does not apply to API authentication. - `two_factor_authentication_locked: Optional[bool]` Indicates whether two-factor authentication is required by one of the accounts that the user is a member of. - `zipcode: Optional[str]` The zipcode or postal code where the user lives. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_email=os.environ.get("CLOUDFLARE_EMAIL"), # This is the default and can be omitted api_key=os.environ.get("CLOUDFLARE_API_KEY"), # This is the default and can be omitted ) user = client.user.get() print(user.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1", "betas": [ "zone_level_access_beta" ], "country": "US", "first_name": "John", "has_business_zones": true, "has_enterprise_zones": true, "has_pro_zones": true, "last_name": "Appleseed", "organizations": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "name": "Cloudflare, Inc.", "permissions": [ "#zones:read" ], "roles": [ "All Privileges - Super Administrator" ], "status": "member" } ], "suspended": true, "telephone": "+1 123-123-1234", "two_factor_authentication_enabled": true, "two_factor_authentication_locked": true, "zipcode": "12345" } } ``` ## Edit User `user.edit(UserEditParams**kwargs) -> UserEditResponse` **patch** `/user` Edit part of your user details. ### Parameters - `country: Optional[str]` The country in which the user lives. - `first_name: Optional[str]` User's first name - `last_name: Optional[str]` User's last name - `telephone: Optional[str]` User's telephone number - `zipcode: Optional[str]` The zipcode or postal code where the user lives. ### Returns - `class UserEditResponse: …` - `id: Optional[str]` Identifier of the user. - `betas: Optional[List[str]]` Lists the betas that the user is participating in. - `country: Optional[str]` The country in which the user lives. - `first_name: Optional[str]` User's first name - `has_business_zones: Optional[bool]` Indicates whether user has any business zones - `has_enterprise_zones: Optional[bool]` Indicates whether user has any enterprise zones - `has_pro_zones: Optional[bool]` Indicates whether user has any pro zones - `last_name: Optional[str]` User's last name - `organizations: Optional[List[Organization]]` - `id: Optional[str]` Identifier - `name: Optional[str]` Organization name. - `permissions: Optional[List[Permission]]` Access permissions for this User. - `roles: Optional[List[str]]` List of roles that a user has within an organization. - `status: Optional[Status]` Whether the user is a member of the organization or has an invitation pending. - `"member"` - `"invited"` - `suspended: Optional[bool]` Indicates whether user has been suspended - `telephone: Optional[str]` User's telephone number - `two_factor_authentication_enabled: Optional[bool]` Indicates whether two-factor authentication is enabled for the user account. Does not apply to API authentication. - `two_factor_authentication_locked: Optional[bool]` Indicates whether two-factor authentication is required by one of the accounts that the user is a member of. - `zipcode: Optional[str]` The zipcode or postal code where the user lives. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.user.edit() print(response.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "6d7f2f5f5b1d4a0e9081fdc98d432fd1", "betas": [ "zone_level_access_beta" ], "country": "US", "first_name": "John", "has_business_zones": true, "has_enterprise_zones": true, "has_pro_zones": true, "last_name": "Appleseed", "organizations": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "name": "Cloudflare, Inc.", "permissions": [ "#zones:read" ], "roles": [ "All Privileges - Super Administrator" ], "status": "member" } ], "suspended": true, "telephone": "+1 123-123-1234", "two_factor_authentication_enabled": true, "two_factor_authentication_locked": true, "zipcode": "12345" } } ``` ## Domain Types ### User Get Response - `class UserGetResponse: …` - `id: Optional[str]` Identifier of the user. - `betas: Optional[List[str]]` Lists the betas that the user is participating in. - `country: Optional[str]` The country in which the user lives. - `first_name: Optional[str]` User's first name - `has_business_zones: Optional[bool]` Indicates whether user has any business zones - `has_enterprise_zones: Optional[bool]` Indicates whether user has any enterprise zones - `has_pro_zones: Optional[bool]` Indicates whether user has any pro zones - `last_name: Optional[str]` User's last name - `organizations: Optional[List[Organization]]` - `id: Optional[str]` Identifier - `name: Optional[str]` Organization name. - `permissions: Optional[List[Permission]]` Access permissions for this User. - `roles: Optional[List[str]]` List of roles that a user has within an organization. - `status: Optional[Status]` Whether the user is a member of the organization or has an invitation pending. - `"member"` - `"invited"` - `suspended: Optional[bool]` Indicates whether user has been suspended - `telephone: Optional[str]` User's telephone number - `two_factor_authentication_enabled: Optional[bool]` Indicates whether two-factor authentication is enabled for the user account. Does not apply to API authentication. - `two_factor_authentication_locked: Optional[bool]` Indicates whether two-factor authentication is required by one of the accounts that the user is a member of. - `zipcode: Optional[str]` The zipcode or postal code where the user lives. ### User Edit Response - `class UserEditResponse: …` - `id: Optional[str]` Identifier of the user. - `betas: Optional[List[str]]` Lists the betas that the user is participating in. - `country: Optional[str]` The country in which the user lives. - `first_name: Optional[str]` User's first name - `has_business_zones: Optional[bool]` Indicates whether user has any business zones - `has_enterprise_zones: Optional[bool]` Indicates whether user has any enterprise zones - `has_pro_zones: Optional[bool]` Indicates whether user has any pro zones - `last_name: Optional[str]` User's last name - `organizations: Optional[List[Organization]]` - `id: Optional[str]` Identifier - `name: Optional[str]` Organization name. - `permissions: Optional[List[Permission]]` Access permissions for this User. - `roles: Optional[List[str]]` List of roles that a user has within an organization. - `status: Optional[Status]` Whether the user is a member of the organization or has an invitation pending. - `"member"` - `"invited"` - `suspended: Optional[bool]` Indicates whether user has been suspended - `telephone: Optional[str]` User's telephone number - `two_factor_authentication_enabled: Optional[bool]` Indicates whether two-factor authentication is enabled for the user account. Does not apply to API authentication. - `two_factor_authentication_locked: Optional[bool]` Indicates whether two-factor authentication is required by one of the accounts that the user is a member of. - `zipcode: Optional[str]` The zipcode or postal code where the user lives. # Audit Logs ## Get user audit logs `user.audit_logs.list(AuditLogListParams**kwargs) -> SyncV4PagePaginationArray[AuditLog]` **get** `/user/audit_logs` Gets a list of audit logs for a user account. Can be filtered by who made the change, on which zone, and the timeframe of the change. ### Parameters - `id: Optional[str]` Finds a specific log by its ID. - `action: Optional[Action]` - `type: Optional[str]` Filters by the action type. - `actor: Optional[Actor]` - `email: Optional[str]` Filters by the email address of the actor that made the change. - `ip: Optional[str]` Filters by the IP address of the request that made the change by specific IP address or valid CIDR Range. - `before: Optional[Union[Union[null, null], Union[str, datetime]]]` Limits the returned results to logs older than the specified date. A `full-date` that conforms to RFC3339. - `Union[null, null]` Limits the returned results to logs older than the specified date. A `full-date` that conforms to RFC3339. - `Union[str, datetime]` Limits the returned results to logs older than the specified date. A `date-time` that conforms to RFC3339. - `direction: Optional[Literal["desc", "asc"]]` Changes the direction of the chronological sorting. - `"desc"` - `"asc"` - `export: Optional[bool]` Indicates that this request is an export of logs in CSV format. - `hide_user_logs: Optional[bool]` Indicates whether or not to hide user level audit logs. - `page: Optional[float]` Defines which page of results to return. - `per_page: Optional[float]` Sets the number of results to return per page. - `since: Optional[Union[Union[null, null], Union[str, datetime]]]` Limits the returned results to logs newer than the specified date. A `full-date` that conforms to RFC3339. - `Union[null, null]` Limits the returned results to logs newer than the specified date. A `full-date` that conforms to RFC3339. - `Union[str, datetime]` Limits the returned results to logs newer than the specified date. A `date-time` that conforms to RFC3339. - `zone: Optional[Zone]` - `name: Optional[str]` Filters by the name of the zone associated to the change. ### Returns - `class AuditLog: …` - `id: Optional[str]` A string that uniquely identifies the audit log. - `action: Optional[Action]` - `result: Optional[bool]` A boolean that indicates if the action attempted was successful. - `type: Optional[str]` A short string that describes the action that was performed. - `actor: Optional[Actor]` - `id: Optional[str]` The ID of the actor that performed the action. If a user performed the action, this will be their User ID. - `email: Optional[str]` The email of the user that performed the action. - `ip: Optional[str]` The IP address of the request that performed the action. - `type: Optional[Literal["user", "admin", "Cloudflare"]]` The type of actor, whether a User, Cloudflare Admin, or an Automated System. - `"user"` - `"admin"` - `"Cloudflare"` - `interface: Optional[str]` The source of the event. - `metadata: Optional[object]` An object which can lend more context to the action being logged. This is a flexible value and varies between different actions. - `new_value: Optional[str]` The new value of the resource that was modified. - `old_value: Optional[str]` The value of the resource before it was modified. - `owner: Optional[Owner]` - `id: Optional[str]` Identifier - `resource: Optional[Resource]` - `id: Optional[str]` An identifier for the resource that was affected by the action. - `type: Optional[str]` A short string that describes the resource that was affected by the action. - `when: Optional[datetime]` A UTC RFC3339 timestamp that specifies when the action being logged occured. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.user.audit_logs.list() page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "d5b0f326-1232-4452-8858-1089bd7168ef", "action": { "result": true, "type": "change_setting" }, "actor": { "id": "f6b5de0326bb5182b8a4840ee01ec774", "email": "michelle@example.com", "ip": "198.41.129.166", "type": "user" }, "interface": "API", "metadata": { "name": "security_level", "type": "firewall", "value": "high", "zone_name": "example.com" }, "newValue": "low", "oldValue": "high", "owner": { "id": "023e105f4ecef8ad9ca31a8372d0c353" }, "resource": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "type": "zone" }, "when": "2017-04-26T17:31:07Z" } ], "success": true } ``` # Billing # History ## Billing History Details `user.billing.history.list(HistoryListParams**kwargs) -> SyncV4PagePaginationArray[BillingHistory]` **get** `/user/billing/history` Accesses your billing history object. ### Parameters - `action: Optional[str]` The billing item action. - `occurred_at: Optional[Union[str, datetime]]` When the billing item was created. - `order: Optional[Literal["type", "occurred_at", "action"]]` Field to order billing history by. - `"type"` - `"occurred_at"` - `"action"` - `page: Optional[float]` Page number of paginated results. - `per_page: Optional[float]` Number of items per page. - `type: Optional[str]` The billing item type. ### Returns - `class BillingHistory: …` - `id: str` Billing item identifier tag. - `action: str` The billing item action. - `amount: float` The amount associated with this billing item. - `currency: str` The monetary unit in which pricing information is displayed. - `description: str` The billing item description. - `occurred_at: datetime` When the billing item was created. - `type: str` The billing item type. - `zone: Zone` - `name: Optional[str]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.user.billing.history.list() page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "b69a9f3492637782896352daae219e7d", "action": "subscription", "amount": 20.99, "currency": "USD", "description": "The billing item description", "occurred_at": "2014-03-01T12:21:59.3456Z", "type": "charge", "zone": { "name": "name" } } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Domain Types ### Billing History - `class BillingHistory: …` - `id: str` Billing item identifier tag. - `action: str` The billing item action. - `amount: float` The amount associated with this billing item. - `currency: str` The monetary unit in which pricing information is displayed. - `description: str` The billing item description. - `occurred_at: datetime` When the billing item was created. - `type: str` The billing item type. - `zone: Zone` - `name: Optional[str]` # Profile ## Billing Profile Details `user.billing.profile.get() -> ProfileGetResponse` **get** `/user/billing/profile` Accesses your billing profile object. ### Returns - `class ProfileGetResponse: …` - `id: Optional[str]` Billing item identifier tag. - `account_type: Optional[str]` - `address: Optional[str]` - `address2: Optional[str]` - `balance: Optional[str]` - `card_expiry_month: Optional[int]` - `card_expiry_year: Optional[int]` - `card_number: Optional[str]` - `city: Optional[str]` - `company: Optional[str]` - `country: Optional[str]` - `created_on: Optional[datetime]` - `device_data: Optional[str]` - `edited_on: Optional[datetime]` - `enterprise_billing_email: Optional[str]` - `enterprise_primary_email: Optional[str]` - `first_name: Optional[str]` - `is_partner: Optional[bool]` - `last_name: Optional[str]` - `next_bill_date: Optional[datetime]` - `payment_address: Optional[str]` - `payment_address2: Optional[str]` - `payment_city: Optional[str]` - `payment_country: Optional[str]` - `payment_email: Optional[str]` - `payment_first_name: Optional[str]` - `payment_gateway: Optional[str]` - `payment_last_name: Optional[str]` - `payment_nonce: Optional[str]` - `payment_state: Optional[str]` - `payment_zipcode: Optional[str]` - `primary_email: Optional[str]` - `state: Optional[str]` - `tax_id_type: Optional[str]` - `telephone: Optional[str]` - `use_legacy: Optional[bool]` - `validation_code: Optional[str]` - `vat: Optional[str]` - `zipcode: Optional[str]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) profile = client.user.billing.profile.get() print(profile.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "b69a9f3492637782896352daae219e7d", "account_type": "type", "address": "123 Main Street", "address2": "Apt 1", "balance": "0", "card_expiry_month": 12, "card_expiry_year": 2099, "card_number": "4242424242424242", "city": "Anytown", "company": "Company", "country": "Anycountry", "created_on": "2014-03-01T12:21:59.3456Z", "device_data": "sample_data", "edited_on": "2014-03-01T12:21:59.3456Z", "enterprise_billing_email": "johndoe@gmail.com", "enterprise_primary_email": "johndoe@gmail.com", "first_name": "John", "is_partner": false, "last_name": "Doe", "next_bill_date": "2014-03-01T12:21:59.3456Z", "payment_address": "123 Main Street", "payment_address2": "Apt 1", "payment_city": "Anytown", "payment_country": "Anycountry", "payment_email": "johndoe@gmail.com", "payment_first_name": "John", "payment_gateway": "gateway", "payment_last_name": "Doe", "payment_nonce": "abc123", "payment_state": "state", "payment_zipcode": "12345", "primary_email": "johndoe@gmail.com", "state": "AnyState", "tax_id_type": "type", "telephone": "1234567899", "use_legacy": false, "validation_code": "1111", "vat": "GB123456789", "zipcode": "12345" }, "success": true } ``` ## Domain Types ### Profile Get Response - `class ProfileGetResponse: …` - `id: Optional[str]` Billing item identifier tag. - `account_type: Optional[str]` - `address: Optional[str]` - `address2: Optional[str]` - `balance: Optional[str]` - `card_expiry_month: Optional[int]` - `card_expiry_year: Optional[int]` - `card_number: Optional[str]` - `city: Optional[str]` - `company: Optional[str]` - `country: Optional[str]` - `created_on: Optional[datetime]` - `device_data: Optional[str]` - `edited_on: Optional[datetime]` - `enterprise_billing_email: Optional[str]` - `enterprise_primary_email: Optional[str]` - `first_name: Optional[str]` - `is_partner: Optional[bool]` - `last_name: Optional[str]` - `next_bill_date: Optional[datetime]` - `payment_address: Optional[str]` - `payment_address2: Optional[str]` - `payment_city: Optional[str]` - `payment_country: Optional[str]` - `payment_email: Optional[str]` - `payment_first_name: Optional[str]` - `payment_gateway: Optional[str]` - `payment_last_name: Optional[str]` - `payment_nonce: Optional[str]` - `payment_state: Optional[str]` - `payment_zipcode: Optional[str]` - `primary_email: Optional[str]` - `state: Optional[str]` - `tax_id_type: Optional[str]` - `telephone: Optional[str]` - `use_legacy: Optional[bool]` - `validation_code: Optional[str]` - `vat: Optional[str]` - `zipcode: Optional[str]` # Invites ## List Invitations `user.invites.list() -> SyncSinglePage[Invite]` **get** `/user/invites` Lists all invitations associated with my user. ### Returns - `class Invite: …` - `invited_member_id: Optional[str]` ID of the user to add to the organization. - `organization_id: str` ID of the organization the user will be added to. - `id: Optional[str]` Invite identifier tag. - `expires_on: Optional[datetime]` When the invite is no longer active. - `invited_by: Optional[str]` The email address of the user who created the invite. - `invited_member_email: Optional[str]` Email address of the user to add to the organization. - `invited_on: Optional[datetime]` When the invite was sent. - `organization_is_enforcing_twofactor: Optional[bool]` - `organization_name: Optional[str]` Organization name. - `roles: Optional[List[str]]` List of role names the membership has for this account. - `status: Optional[Literal["pending", "accepted", "rejected", "expired"]]` Current status of the invitation. - `"pending"` - `"accepted"` - `"rejected"` - `"expired"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_email=os.environ.get("CLOUDFLARE_EMAIL"), # This is the default and can be omitted api_key=os.environ.get("CLOUDFLARE_API_KEY"), # This is the default and can be omitted ) page = client.user.invites.list() page = page.result[0] print(page.invited_member_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "invited_member_id": "5a7805061c76ada191ed06f989cc3dac", "organization_id": "5a7805061c76ada191ed06f989cc3dac", "id": "4f5f0c14a2a41d5063dd301b2f829f04", "expires_on": "2014-01-01T05:20:00Z", "invited_by": "user@example.com", "invited_member_email": "user@example.com", "invited_on": "2014-01-01T05:20:00Z", "organization_is_enforcing_twofactor": true, "organization_name": "Cloudflare, Inc.", "roles": [ "Account Administrator" ], "status": "accepted" } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Invitation Details `user.invites.get(strinvite_id) -> Invite` **get** `/user/invites/{invite_id}` Gets the details of an invitation. ### Parameters - `invite_id: str` Invite identifier tag. ### Returns - `class Invite: …` - `invited_member_id: Optional[str]` ID of the user to add to the organization. - `organization_id: str` ID of the organization the user will be added to. - `id: Optional[str]` Invite identifier tag. - `expires_on: Optional[datetime]` When the invite is no longer active. - `invited_by: Optional[str]` The email address of the user who created the invite. - `invited_member_email: Optional[str]` Email address of the user to add to the organization. - `invited_on: Optional[datetime]` When the invite was sent. - `organization_is_enforcing_twofactor: Optional[bool]` - `organization_name: Optional[str]` Organization name. - `roles: Optional[List[str]]` List of role names the membership has for this account. - `status: Optional[Literal["pending", "accepted", "rejected", "expired"]]` Current status of the invitation. - `"pending"` - `"accepted"` - `"rejected"` - `"expired"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_email=os.environ.get("CLOUDFLARE_EMAIL"), # This is the default and can be omitted api_key=os.environ.get("CLOUDFLARE_API_KEY"), # This is the default and can be omitted ) invite = client.user.invites.get( "4f5f0c14a2a41d5063dd301b2f829f04", ) print(invite.invited_member_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "invited_member_id": "5a7805061c76ada191ed06f989cc3dac", "organization_id": "5a7805061c76ada191ed06f989cc3dac", "id": "4f5f0c14a2a41d5063dd301b2f829f04", "expires_on": "2014-01-01T05:20:00Z", "invited_by": "user@example.com", "invited_member_email": "user@example.com", "invited_on": "2014-01-01T05:20:00Z", "organization_is_enforcing_twofactor": true, "organization_name": "Cloudflare, Inc.", "roles": [ "Account Administrator" ], "status": "accepted" } } ``` ## Respond to Invitation `user.invites.edit(strinvite_id, InviteEditParams**kwargs) -> Invite` **patch** `/user/invites/{invite_id}` Responds to an invitation. ### Parameters - `invite_id: str` Invite identifier tag. - `status: Literal["accepted", "rejected"]` Status of your response to the invitation (rejected or accepted). - `"accepted"` - `"rejected"` ### Returns - `class Invite: …` - `invited_member_id: Optional[str]` ID of the user to add to the organization. - `organization_id: str` ID of the organization the user will be added to. - `id: Optional[str]` Invite identifier tag. - `expires_on: Optional[datetime]` When the invite is no longer active. - `invited_by: Optional[str]` The email address of the user who created the invite. - `invited_member_email: Optional[str]` Email address of the user to add to the organization. - `invited_on: Optional[datetime]` When the invite was sent. - `organization_is_enforcing_twofactor: Optional[bool]` - `organization_name: Optional[str]` Organization name. - `roles: Optional[List[str]]` List of role names the membership has for this account. - `status: Optional[Literal["pending", "accepted", "rejected", "expired"]]` Current status of the invitation. - `"pending"` - `"accepted"` - `"rejected"` - `"expired"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_email=os.environ.get("CLOUDFLARE_EMAIL"), # This is the default and can be omitted api_key=os.environ.get("CLOUDFLARE_API_KEY"), # This is the default and can be omitted ) invite = client.user.invites.edit( invite_id="4f5f0c14a2a41d5063dd301b2f829f04", status="accepted", ) print(invite.invited_member_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "invited_member_id": "5a7805061c76ada191ed06f989cc3dac", "organization_id": "5a7805061c76ada191ed06f989cc3dac", "id": "4f5f0c14a2a41d5063dd301b2f829f04", "expires_on": "2014-01-01T05:20:00Z", "invited_by": "user@example.com", "invited_member_email": "user@example.com", "invited_on": "2014-01-01T05:20:00Z", "organization_is_enforcing_twofactor": true, "organization_name": "Cloudflare, Inc.", "roles": [ "Account Administrator" ], "status": "accepted" } } ``` ## Domain Types ### Invite - `class Invite: …` - `invited_member_id: Optional[str]` ID of the user to add to the organization. - `organization_id: str` ID of the organization the user will be added to. - `id: Optional[str]` Invite identifier tag. - `expires_on: Optional[datetime]` When the invite is no longer active. - `invited_by: Optional[str]` The email address of the user who created the invite. - `invited_member_email: Optional[str]` Email address of the user to add to the organization. - `invited_on: Optional[datetime]` When the invite was sent. - `organization_is_enforcing_twofactor: Optional[bool]` - `organization_name: Optional[str]` Organization name. - `roles: Optional[List[str]]` List of role names the membership has for this account. - `status: Optional[Literal["pending", "accepted", "rejected", "expired"]]` Current status of the invitation. - `"pending"` - `"accepted"` - `"rejected"` - `"expired"` # Organizations ## List Organizations `user.organizations.list(OrganizationListParams**kwargs) -> SyncV4PagePaginationArray[Organization]` **get** `/user/organizations` Lists organizations the user is associated with. ### Parameters - `direction: Optional[Literal["asc", "desc"]]` Direction to order organizations. - `"asc"` - `"desc"` - `match: Optional[Literal["any", "all"]]` Whether to match all search requirements or at least one (any). - `"any"` - `"all"` - `name: Optional[str]` Organization name. - `order: Optional[Literal["id", "name", "status"]]` Field to order organizations by. - `"id"` - `"name"` - `"status"` - `page: Optional[float]` Page number of paginated results. - `per_page: Optional[float]` Number of organizations per page. - `status: Optional[Literal["member", "invited"]]` Whether the user is a member of the organization or has an inivitation pending. - `"member"` - `"invited"` ### Returns - `class Organization: …` - `id: Optional[str]` Identifier - `name: Optional[str]` Organization name. - `permissions: Optional[List[Permission]]` Access permissions for this User. - `roles: Optional[List[str]]` List of roles that a user has within an organization. - `status: Optional[Status]` Whether the user is a member of the organization or has an invitation pending. - `"member"` - `"invited"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_email=os.environ.get("CLOUDFLARE_EMAIL"), # This is the default and can be omitted api_key=os.environ.get("CLOUDFLARE_API_KEY"), # This is the default and can be omitted ) page = client.user.organizations.list() page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "name": "Cloudflare, Inc.", "permissions": [ "#zones:read" ], "roles": [ "All Privileges - Super Administrator" ], "status": "member" } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Organization Details `user.organizations.get(strorganization_id) -> object` **get** `/user/organizations/{organization_id}` Gets a specific organization the user is associated with. ### Parameters - `organization_id: str` Identifier ### Returns - `object` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_email=os.environ.get("CLOUDFLARE_EMAIL"), # This is the default and can be omitted api_key=os.environ.get("CLOUDFLARE_API_KEY"), # This is the default and can be omitted ) organization = client.user.organizations.get( "023e105f4ecef8ad9ca31a8372d0c353", ) print(organization) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": {} } ``` ## Leave Organization `user.organizations.delete(strorganization_id) -> OrganizationDeleteResponse` **delete** `/user/organizations/{organization_id}` Removes association to an organization. ### Parameters - `organization_id: str` Identifier ### Returns - `class OrganizationDeleteResponse: …` - `id: Optional[str]` Identifier ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_email=os.environ.get("CLOUDFLARE_EMAIL"), # This is the default and can be omitted api_key=os.environ.get("CLOUDFLARE_API_KEY"), # This is the default and can be omitted ) organization = client.user.organizations.delete( "023e105f4ecef8ad9ca31a8372d0c353", ) print(organization.id) ``` #### Response ```json { "id": "023e105f4ecef8ad9ca31a8372d0c353" } ``` ## Domain Types ### Organization - `class Organization: …` - `id: Optional[str]` Identifier - `name: Optional[str]` Organization name. - `permissions: Optional[List[Permission]]` Access permissions for this User. - `roles: Optional[List[str]]` List of roles that a user has within an organization. - `status: Optional[Status]` Whether the user is a member of the organization or has an invitation pending. - `"member"` - `"invited"` ### Organization Delete Response - `class OrganizationDeleteResponse: …` - `id: Optional[str]` Identifier # Subscriptions ## Get User Subscriptions `user.subscriptions.get() -> SyncSinglePage[Subscription]` **get** `/user/subscriptions` Lists all of a user's subscriptions. ### Returns - `class Subscription: …` - `id: Optional[str]` Subscription identifier tag. - `currency: Optional[str]` The monetary unit in which pricing information is displayed. - `current_period_end: Optional[datetime]` The end of the current period and also when the next billing is due. - `current_period_start: Optional[datetime]` When the current billing period started. May match initial_period_start if this is the first period. - `frequency: Optional[Literal["weekly", "monthly", "quarterly", "yearly"]]` How often the subscription is renewed automatically. - `"weekly"` - `"monthly"` - `"quarterly"` - `"yearly"` - `price: Optional[float]` The price of the subscription that will be billed, in US dollars. - `rate_plan: Optional[RatePlan]` The rate plan applied to the subscription. - `id: Optional[Literal["free", "lite", "pro", 7 more]]` The ID of the rate plan. - `"free"` - `"lite"` - `"pro"` - `"pro_plus"` - `"business"` - `"enterprise"` - `"partners_free"` - `"partners_pro"` - `"partners_business"` - `"partners_enterprise"` - `currency: Optional[str]` The currency applied to the rate plan subscription. - `externally_managed: Optional[bool]` Whether this rate plan is managed externally from Cloudflare. - `is_contract: Optional[bool]` Whether a rate plan is enterprise-based (or newly adopted term contract). - `public_name: Optional[str]` The full name of the rate plan. - `scope: Optional[str]` The scope that this rate plan applies to. - `sets: Optional[List[str]]` The list of sets this rate plan applies to. Returns array of strings. - `state: Optional[Literal["Trial", "Provisioned", "Paid", 4 more]]` The state that the subscription is in. - `"Trial"` - `"Provisioned"` - `"Paid"` - `"AwaitingPayment"` - `"Cancelled"` - `"Failed"` - `"Expired"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.user.subscriptions.get() page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "506e3185e9c882d175a2d0cb0093d9f2", "currency": "USD", "current_period_end": "2014-03-31T12:20:00Z", "current_period_start": "2014-05-11T12:20:00Z", "frequency": "monthly", "price": 20, "rate_plan": { "id": "free", "currency": "USD", "externally_managed": false, "is_contract": false, "public_name": "Business Plan", "scope": "zone", "sets": [ "string" ] }, "state": "Paid" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Update User Subscription `user.subscriptions.update(stridentifier, SubscriptionUpdateParams**kwargs) -> SubscriptionUpdateResponse` **put** `/user/subscriptions/{identifier}` Updates a user's subscriptions. ### Parameters - `identifier: str` Subscription identifier tag. - `frequency: Optional[Literal["weekly", "monthly", "quarterly", "yearly"]]` How often the subscription is renewed automatically. - `"weekly"` - `"monthly"` - `"quarterly"` - `"yearly"` - `rate_plan: Optional[RatePlan]` The rate plan applied to the subscription. - `id: Optional[Literal["free", "lite", "pro", 7 more]]` The ID of the rate plan. - `"free"` - `"lite"` - `"pro"` - `"pro_plus"` - `"business"` - `"enterprise"` - `"partners_free"` - `"partners_pro"` - `"partners_business"` - `"partners_enterprise"` - `currency: Optional[str]` The currency applied to the rate plan subscription. - `externally_managed: Optional[bool]` Whether this rate plan is managed externally from Cloudflare. - `is_contract: Optional[bool]` Whether a rate plan is enterprise-based (or newly adopted term contract). - `public_name: Optional[str]` The full name of the rate plan. - `scope: Optional[str]` The scope that this rate plan applies to. - `sets: Optional[List[str]]` The list of sets this rate plan applies to. Returns array of strings. ### Returns - `Union[Optional[str], Optional[object]]` - `Optional[str]` - `Optional[object]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) subscription = client.user.subscriptions.update( identifier="506e3185e9c882d175a2d0cb0093d9f2", ) print(subscription) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": {}, "success": true } ``` ## Delete User Subscription `user.subscriptions.delete(stridentifier) -> SubscriptionDeleteResponse` **delete** `/user/subscriptions/{identifier}` Deletes a user's subscription. ### Parameters - `identifier: str` Subscription identifier tag. ### Returns - `class SubscriptionDeleteResponse: …` - `subscription_id: Optional[str]` Subscription identifier tag. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) subscription = client.user.subscriptions.delete( "506e3185e9c882d175a2d0cb0093d9f2", ) print(subscription.subscription_id) ``` #### Response ```json { "subscription_id": "506e3185e9c882d175a2d0cb0093d9f2" } ``` ## Domain Types ### Subscription Update Response - `Union[Optional[str], Optional[object]]` - `Optional[str]` - `Optional[object]` ### Subscription Delete Response - `class SubscriptionDeleteResponse: …` - `subscription_id: Optional[str]` Subscription identifier tag. # Tokens ## List Tokens `user.tokens.list(TokenListParams**kwargs) -> SyncV4PagePaginationArray[Token]` **get** `/user/tokens` List all access tokens you created. ### Parameters - `direction: Optional[Literal["asc", "desc"]]` Direction to order results. - `"asc"` - `"desc"` - `page: Optional[float]` Page number of paginated results. - `per_page: Optional[float]` Maximum number of results per page. ### Returns - `class Token: …` - `id: Optional[str]` Token identifier tag. - `condition: Optional[Condition]` - `request_ip: Optional[ConditionRequestIP]` Client IP restrictions. - `in_: Optional[List[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `not_in: Optional[List[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `expires_on: Optional[datetime]` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `issued_on: Optional[datetime]` The time on which the token was created. - `last_used_on: Optional[datetime]` Last time the token was used. - `modified_on: Optional[datetime]` Last time the token was modified. - `name: Optional[str]` Token name. - `not_before: Optional[datetime]` The time before which the token MUST NOT be accepted for processing. - `policies: Optional[List[TokenPolicy]]` List of access policies assigned to the token. - `id: str` Policy identifier. - `effect: Literal["allow", "deny"]` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: List[PermissionGroup]` A set of permission groups that are specified to the policy. - `id: str` Identifier of the permission group. - `meta: Optional[PermissionGroupMeta]` Attributes associated to the permission group. - `key: Optional[str]` - `value: Optional[str]` - `name: Optional[str]` Name of the permission group. - `resources: Union[Dict[str, str], Dict[str, Dict[str, str]]]` A list of resource names that the policy applies to. - `Dict[str, str]` Map of simple string resource permissions - `Dict[str, Dict[str, str]]` Map of nested resource permissions - `status: Optional[Literal["active", "disabled", "expired"]]` Status of the token. - `"active"` - `"disabled"` - `"expired"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.user.tokens.list() page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "ed17574386854bf78a67040be0a770b0", "condition": { "request_ip": { "in": [ "123.123.123.0/24", "2606:4700::/32" ], "not_in": [ "123.123.123.100/24", "2606:4700:4700::/48" ] } }, "expires_on": "2020-01-01T00:00:00Z", "issued_on": "2018-07-01T05:20:00Z", "last_used_on": "2020-01-02T12:34:00Z", "modified_on": "2018-07-02T05:20:00Z", "name": "readonly token", "not_before": "2018-07-01T05:20:00Z", "policies": [ { "id": "f267e341f3dd4697bd3b9f71dd96247f", "effect": "allow", "permission_groups": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "resources": { "foo": "string" } } ], "status": "active" } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Token Details `user.tokens.get(strtoken_id) -> Token` **get** `/user/tokens/{token_id}` Get information about a specific token. ### Parameters - `token_id: str` Token identifier tag. ### Returns - `class Token: …` - `id: Optional[str]` Token identifier tag. - `condition: Optional[Condition]` - `request_ip: Optional[ConditionRequestIP]` Client IP restrictions. - `in_: Optional[List[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `not_in: Optional[List[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `expires_on: Optional[datetime]` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `issued_on: Optional[datetime]` The time on which the token was created. - `last_used_on: Optional[datetime]` Last time the token was used. - `modified_on: Optional[datetime]` Last time the token was modified. - `name: Optional[str]` Token name. - `not_before: Optional[datetime]` The time before which the token MUST NOT be accepted for processing. - `policies: Optional[List[TokenPolicy]]` List of access policies assigned to the token. - `id: str` Policy identifier. - `effect: Literal["allow", "deny"]` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: List[PermissionGroup]` A set of permission groups that are specified to the policy. - `id: str` Identifier of the permission group. - `meta: Optional[PermissionGroupMeta]` Attributes associated to the permission group. - `key: Optional[str]` - `value: Optional[str]` - `name: Optional[str]` Name of the permission group. - `resources: Union[Dict[str, str], Dict[str, Dict[str, str]]]` A list of resource names that the policy applies to. - `Dict[str, str]` Map of simple string resource permissions - `Dict[str, Dict[str, str]]` Map of nested resource permissions - `status: Optional[Literal["active", "disabled", "expired"]]` Status of the token. - `"active"` - `"disabled"` - `"expired"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) token = client.user.tokens.get( "ed17574386854bf78a67040be0a770b0", ) print(token.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "ed17574386854bf78a67040be0a770b0", "condition": { "request_ip": { "in": [ "123.123.123.0/24", "2606:4700::/32" ], "not_in": [ "123.123.123.100/24", "2606:4700:4700::/48" ] } }, "expires_on": "2020-01-01T00:00:00Z", "issued_on": "2018-07-01T05:20:00Z", "last_used_on": "2020-01-02T12:34:00Z", "modified_on": "2018-07-02T05:20:00Z", "name": "readonly token", "not_before": "2018-07-01T05:20:00Z", "policies": [ { "id": "f267e341f3dd4697bd3b9f71dd96247f", "effect": "allow", "permission_groups": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "resources": { "foo": "string" } } ], "status": "active" } } ``` ## Create Token `user.tokens.create(TokenCreateParams**kwargs) -> TokenCreateResponse` **post** `/user/tokens` Create a new access token. ### Parameters - `name: str` Token name. - `policies: Iterable[TokenPolicy]` List of access policies assigned to the token. - `id: str` Policy identifier. - `effect: Literal["allow", "deny"]` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: List[PermissionGroup]` A set of permission groups that are specified to the policy. - `id: str` Identifier of the permission group. - `meta: Optional[PermissionGroupMeta]` Attributes associated to the permission group. - `key: Optional[str]` - `value: Optional[str]` - `name: Optional[str]` Name of the permission group. - `resources: Union[Dict[str, str], Dict[str, Dict[str, str]]]` A list of resource names that the policy applies to. - `Dict[str, str]` Map of simple string resource permissions - `Dict[str, Dict[str, str]]` Map of nested resource permissions - `condition: Optional[Condition]` - `request_ip: Optional[ConditionRequestIP]` Client IP restrictions. - `in_: Optional[SequenceNotStr[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `not_in: Optional[SequenceNotStr[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `expires_on: Optional[Union[str, datetime]]` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `not_before: Optional[Union[str, datetime]]` The time before which the token MUST NOT be accepted for processing. ### Returns - `class TokenCreateResponse: …` - `id: Optional[str]` Token identifier tag. - `condition: Optional[Condition]` - `request_ip: Optional[ConditionRequestIP]` Client IP restrictions. - `in_: Optional[List[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `not_in: Optional[List[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `expires_on: Optional[datetime]` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `issued_on: Optional[datetime]` The time on which the token was created. - `last_used_on: Optional[datetime]` Last time the token was used. - `modified_on: Optional[datetime]` Last time the token was modified. - `name: Optional[str]` Token name. - `not_before: Optional[datetime]` The time before which the token MUST NOT be accepted for processing. - `policies: Optional[List[TokenPolicy]]` List of access policies assigned to the token. - `id: str` Policy identifier. - `effect: Literal["allow", "deny"]` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: List[PermissionGroup]` A set of permission groups that are specified to the policy. - `id: str` Identifier of the permission group. - `meta: Optional[PermissionGroupMeta]` Attributes associated to the permission group. - `key: Optional[str]` - `value: Optional[str]` - `name: Optional[str]` Name of the permission group. - `resources: Union[Dict[str, str], Dict[str, Dict[str, str]]]` A list of resource names that the policy applies to. - `Dict[str, str]` Map of simple string resource permissions - `Dict[str, Dict[str, str]]` Map of nested resource permissions - `status: Optional[Literal["active", "disabled", "expired"]]` Status of the token. - `"active"` - `"disabled"` - `"expired"` - `value: Optional[TokenValue]` The token value. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) token = client.user.tokens.create( name="readonly token", policies=[{ "effect": "allow", "permission_groups": [{ "id": "c8fed203ed3043cba015a93ad1616f1f" }, { "id": "82e64a83756745bbbb1c9c2701bf816b" }], "resources": { "foo": "string" }, }], ) print(token.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "ed17574386854bf78a67040be0a770b0", "condition": { "request_ip": { "in": [ "123.123.123.0/24", "2606:4700::/32" ], "not_in": [ "123.123.123.100/24", "2606:4700:4700::/48" ] } }, "expires_on": "2020-01-01T00:00:00Z", "issued_on": "2018-07-01T05:20:00Z", "last_used_on": "2020-01-02T12:34:00Z", "modified_on": "2018-07-02T05:20:00Z", "name": "readonly token", "not_before": "2018-07-01T05:20:00Z", "policies": [ { "id": "f267e341f3dd4697bd3b9f71dd96247f", "effect": "allow", "permission_groups": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "resources": { "foo": "string" } } ], "status": "active", "value": "8M7wS6hCpXVc-DoRnPPY_UCWPgy8aea4Wy6kCe5T" } } ``` ## Update Token `user.tokens.update(strtoken_id, TokenUpdateParams**kwargs) -> Token` **put** `/user/tokens/{token_id}` Update an existing token. ### Parameters - `token_id: str` Token identifier tag. - `name: str` Token name. - `policies: Iterable[TokenPolicy]` List of access policies assigned to the token. - `id: str` Policy identifier. - `effect: Literal["allow", "deny"]` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: List[PermissionGroup]` A set of permission groups that are specified to the policy. - `id: str` Identifier of the permission group. - `meta: Optional[PermissionGroupMeta]` Attributes associated to the permission group. - `key: Optional[str]` - `value: Optional[str]` - `name: Optional[str]` Name of the permission group. - `resources: Union[Dict[str, str], Dict[str, Dict[str, str]]]` A list of resource names that the policy applies to. - `Dict[str, str]` Map of simple string resource permissions - `Dict[str, Dict[str, str]]` Map of nested resource permissions - `condition: Optional[Condition]` - `request_ip: Optional[ConditionRequestIP]` Client IP restrictions. - `in_: Optional[SequenceNotStr[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `not_in: Optional[SequenceNotStr[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `expires_on: Optional[Union[str, datetime]]` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `not_before: Optional[Union[str, datetime]]` The time before which the token MUST NOT be accepted for processing. - `status: Optional[Literal["active", "disabled", "expired"]]` Status of the token. - `"active"` - `"disabled"` - `"expired"` ### Returns - `class Token: …` - `id: Optional[str]` Token identifier tag. - `condition: Optional[Condition]` - `request_ip: Optional[ConditionRequestIP]` Client IP restrictions. - `in_: Optional[List[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `not_in: Optional[List[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `expires_on: Optional[datetime]` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `issued_on: Optional[datetime]` The time on which the token was created. - `last_used_on: Optional[datetime]` Last time the token was used. - `modified_on: Optional[datetime]` Last time the token was modified. - `name: Optional[str]` Token name. - `not_before: Optional[datetime]` The time before which the token MUST NOT be accepted for processing. - `policies: Optional[List[TokenPolicy]]` List of access policies assigned to the token. - `id: str` Policy identifier. - `effect: Literal["allow", "deny"]` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: List[PermissionGroup]` A set of permission groups that are specified to the policy. - `id: str` Identifier of the permission group. - `meta: Optional[PermissionGroupMeta]` Attributes associated to the permission group. - `key: Optional[str]` - `value: Optional[str]` - `name: Optional[str]` Name of the permission group. - `resources: Union[Dict[str, str], Dict[str, Dict[str, str]]]` A list of resource names that the policy applies to. - `Dict[str, str]` Map of simple string resource permissions - `Dict[str, Dict[str, str]]` Map of nested resource permissions - `status: Optional[Literal["active", "disabled", "expired"]]` Status of the token. - `"active"` - `"disabled"` - `"expired"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) token = client.user.tokens.update( token_id="ed17574386854bf78a67040be0a770b0", name="readonly token", policies=[{ "effect": "allow", "permission_groups": [{ "id": "c8fed203ed3043cba015a93ad1616f1f" }, { "id": "82e64a83756745bbbb1c9c2701bf816b" }], "resources": { "foo": "string" }, }], ) print(token.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "ed17574386854bf78a67040be0a770b0", "condition": { "request_ip": { "in": [ "123.123.123.0/24", "2606:4700::/32" ], "not_in": [ "123.123.123.100/24", "2606:4700:4700::/48" ] } }, "expires_on": "2020-01-01T00:00:00Z", "issued_on": "2018-07-01T05:20:00Z", "last_used_on": "2020-01-02T12:34:00Z", "modified_on": "2018-07-02T05:20:00Z", "name": "readonly token", "not_before": "2018-07-01T05:20:00Z", "policies": [ { "id": "f267e341f3dd4697bd3b9f71dd96247f", "effect": "allow", "permission_groups": [ { "id": "c8fed203ed3043cba015a93ad1616f1f", "meta": { "key": "key", "value": "value" }, "name": "Zone Read" }, { "id": "82e64a83756745bbbb1c9c2701bf816b", "meta": { "key": "key", "value": "value" }, "name": "Magic Network Monitoring" } ], "resources": { "foo": "string" } } ], "status": "active" } } ``` ## Delete Token `user.tokens.delete(strtoken_id) -> TokenDeleteResponse` **delete** `/user/tokens/{token_id}` Destroy a token. ### Parameters - `token_id: str` Token identifier tag. ### Returns - `class TokenDeleteResponse: …` - `id: str` Identifier ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) token = client.user.tokens.delete( "ed17574386854bf78a67040be0a770b0", ) print(token.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353" } } ``` ## Verify Token `user.tokens.verify() -> TokenVerifyResponse` **get** `/user/tokens/verify` Test whether a token works. ### Returns - `class TokenVerifyResponse: …` - `id: str` Token identifier tag. - `status: Literal["active", "disabled", "expired"]` Status of the token. - `"active"` - `"disabled"` - `"expired"` - `expires_on: Optional[datetime]` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `not_before: Optional[datetime]` The time before which the token MUST NOT be accepted for processing. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.user.tokens.verify() print(response.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "ed17574386854bf78a67040be0a770b0", "status": "active", "expires_on": "2020-01-01T00:00:00Z", "not_before": "2018-07-01T05:20:00Z" } } ``` ## Domain Types ### Token Create Response - `class TokenCreateResponse: …` - `id: Optional[str]` Token identifier tag. - `condition: Optional[Condition]` - `request_ip: Optional[ConditionRequestIP]` Client IP restrictions. - `in_: Optional[List[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `not_in: Optional[List[TokenConditionCIDRList]]` List of IPv4/IPv6 CIDR addresses. - `expires_on: Optional[datetime]` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `issued_on: Optional[datetime]` The time on which the token was created. - `last_used_on: Optional[datetime]` Last time the token was used. - `modified_on: Optional[datetime]` Last time the token was modified. - `name: Optional[str]` Token name. - `not_before: Optional[datetime]` The time before which the token MUST NOT be accepted for processing. - `policies: Optional[List[TokenPolicy]]` List of access policies assigned to the token. - `id: str` Policy identifier. - `effect: Literal["allow", "deny"]` Allow or deny operations against the resources. - `"allow"` - `"deny"` - `permission_groups: List[PermissionGroup]` A set of permission groups that are specified to the policy. - `id: str` Identifier of the permission group. - `meta: Optional[PermissionGroupMeta]` Attributes associated to the permission group. - `key: Optional[str]` - `value: Optional[str]` - `name: Optional[str]` Name of the permission group. - `resources: Union[Dict[str, str], Dict[str, Dict[str, str]]]` A list of resource names that the policy applies to. - `Dict[str, str]` Map of simple string resource permissions - `Dict[str, Dict[str, str]]` Map of nested resource permissions - `status: Optional[Literal["active", "disabled", "expired"]]` Status of the token. - `"active"` - `"disabled"` - `"expired"` - `value: Optional[TokenValue]` The token value. ### Token Delete Response - `class TokenDeleteResponse: …` - `id: str` Identifier ### Token Verify Response - `class TokenVerifyResponse: …` - `id: str` Token identifier tag. - `status: Literal["active", "disabled", "expired"]` Status of the token. - `"active"` - `"disabled"` - `"expired"` - `expires_on: Optional[datetime]` The expiration time on or after which the JWT MUST NOT be accepted for processing. - `not_before: Optional[datetime]` The time before which the token MUST NOT be accepted for processing. # Permission Groups ## List Token Permission Groups `user.tokens.permission_groups.list(PermissionGroupListParams**kwargs) -> SyncSinglePage[PermissionGroupListResponse]` **get** `/user/tokens/permission_groups` Find all available permission groups for API Tokens ### Parameters - `name: Optional[str]` Filter by the name of the permission group. The value must be URL-encoded. - `scope: Optional[str]` Filter by the scope of the permission group. The value must be URL-encoded. ### Returns - `class PermissionGroupListResponse: …` - `id: Optional[str]` Public ID. - `name: Optional[str]` Permission Group Name - `scopes: Optional[List[Literal["com.cloudflare.api.account", "com.cloudflare.api.account.zone", "com.cloudflare.api.user", "com.cloudflare.edge.r2.bucket"]]]` Resources to which the Permission Group is scoped - `"com.cloudflare.api.account"` - `"com.cloudflare.api.account.zone"` - `"com.cloudflare.api.user"` - `"com.cloudflare.edge.r2.bucket"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.user.tokens.permission_groups.list() page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "7cf72faf220841aabcfdfab81c43c4f6", "name": "Billing Read", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "9d24387c6e8544e2bc4024a03991339f", "name": "Load Balancing: Monitors and Pools Read", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "d2a1802cc9a34e30852f8b33869b2f3c", "name": "Load Balancing: Monitors and Pools Write", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "8b47d2786a534c08a1f94ee8f9f599ef", "name": "Workers KV Storage Read", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "f7f0eda5697f475c90846e879bab8666", "name": "Workers KV Storage Write", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "1a71c399035b4950a1bd1466bbe4f420", "name": "Workers Scripts Read", "scopes": [ "com.cloudflare.api.account" ] }, { "id": "e086da7e2179491d91ee5f35b3ca210a", "name": "Workers Scripts Write", "scopes": [ "com.cloudflare.api.account" ] } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000 } } ``` ## Domain Types ### Permission Group List Response - `class PermissionGroupListResponse: …` - `id: Optional[str]` Public ID. - `name: Optional[str]` Permission Group Name - `scopes: Optional[List[Literal["com.cloudflare.api.account", "com.cloudflare.api.account.zone", "com.cloudflare.api.user", "com.cloudflare.edge.r2.bucket"]]]` Resources to which the Permission Group is scoped - `"com.cloudflare.api.account"` - `"com.cloudflare.api.account.zone"` - `"com.cloudflare.api.user"` - `"com.cloudflare.edge.r2.bucket"` # Value ## Roll Token `user.tokens.value.update(strtoken_id, ValueUpdateParams**kwargs) -> TokenValue` **put** `/user/tokens/{token_id}/value` Roll the token secret. ### Parameters - `token_id: str` Token identifier tag. - `body: object` ### Returns - `str` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) token_value = client.user.tokens.value.update( token_id="ed17574386854bf78a67040be0a770b0", body={}, ) print(token_value) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": "8M7wS6hCpXVc-DoRnPPY_UCWPgy8aea4Wy6kCe5T" } ```