Vulnerability Scanner

Vulnerability Scanner > Credential Sets

List Credential Sets
vulnerability_scanner.credential_sets.list(**kwargs: CredentialSetListParams) -> SyncV4PagePaginationArray[CredentialSetListResponse]
GET /accounts/{account_id}/vuln_scanner/credential_sets
Create Credential Set
vulnerability_scanner.credential_sets.create(**kwargs: CredentialSetCreateParams) -> CredentialSetCreateResponse
POST /accounts/{account_id}/vuln_scanner/credential_sets
Get Credential Set
vulnerability_scanner.credential_sets.get(credential_set_id: str, **kwargs: CredentialSetGetParams) -> CredentialSetGetResponse
GET /accounts/{account_id}/vuln_scanner/credential_sets/{credential_set_id}
Update Credential Set
vulnerability_scanner.credential_sets.update(credential_set_id: str, **kwargs: CredentialSetUpdateParams) -> CredentialSetUpdateResponse
PUT /accounts/{account_id}/vuln_scanner/credential_sets/{credential_set_id}
Edit Credential Set
vulnerability_scanner.credential_sets.edit(credential_set_id: str, **kwargs: CredentialSetEditParams) -> CredentialSetEditResponse
PATCH /accounts/{account_id}/vuln_scanner/credential_sets/{credential_set_id}
Delete Credential Set
vulnerability_scanner.credential_sets.delete(credential_set_id: str, **kwargs: CredentialSetDeleteParams) -> object
DELETE /accounts/{account_id}/vuln_scanner/credential_sets/{credential_set_id}
Models
class CredentialSetListResponse:
id: str

Credential set identifier.

format: uuid
name: str

Human-readable name.

class CredentialSetCreateResponse:
id: str

Credential set identifier.

format: uuid
name: str

Human-readable name.

class CredentialSetGetResponse:
id: str

Credential set identifier.

format: uuid
name: str

Human-readable name.

class CredentialSetUpdateResponse:
id: str

Credential set identifier.

format: uuid
name: str

Human-readable name.

class CredentialSetEditResponse:
id: str

Credential set identifier.

format: uuid
name: str

Human-readable name.

Vulnerability Scanner > Credential Sets > Credentials

List Credentials
vulnerability_scanner.credential_sets.credentials.list(credential_set_id: str, **kwargs: CredentialListParams) -> SyncV4PagePaginationArray[CredentialListResponse]
GET /accounts/{account_id}/vuln_scanner/credential_sets/{credential_set_id}/credentials
Create Credential
vulnerability_scanner.credential_sets.credentials.create(credential_set_id: str, **kwargs: CredentialCreateParams) -> CredentialCreateResponse
POST /accounts/{account_id}/vuln_scanner/credential_sets/{credential_set_id}/credentials
Get Credential
vulnerability_scanner.credential_sets.credentials.get(credential_id: str, **kwargs: CredentialGetParams) -> CredentialGetResponse
GET /accounts/{account_id}/vuln_scanner/credential_sets/{credential_set_id}/credentials/{credential_id}
Update Credential
vulnerability_scanner.credential_sets.credentials.update(credential_id: str, **kwargs: CredentialUpdateParams) -> CredentialUpdateResponse
PUT /accounts/{account_id}/vuln_scanner/credential_sets/{credential_set_id}/credentials/{credential_id}
Edit Credential
vulnerability_scanner.credential_sets.credentials.edit(credential_id: str, **kwargs: CredentialEditParams) -> CredentialEditResponse
PATCH /accounts/{account_id}/vuln_scanner/credential_sets/{credential_set_id}/credentials/{credential_id}
Delete Credential
vulnerability_scanner.credential_sets.credentials.delete(credential_id: str, **kwargs: CredentialDeleteParams) -> object
DELETE /accounts/{account_id}/vuln_scanner/credential_sets/{credential_set_id}/credentials/{credential_id}
Models
class CredentialListResponse:

A credential attached to API requests during scanning. The credential value is write-only and never returned in responses.

id: str

Credential identifier.

format: uuid
credential_set_id: str

Parent credential set identifier.

format: uuid
location: Literal["header", "cookie"]

Where the credential is attached in outgoing requests.

One of the following:
"header"
"cookie"
location_name: str

Name of the header or cookie where the credential is attached.

name: str

Human-readable name.

class CredentialCreateResponse:

A credential attached to API requests during scanning. The credential value is write-only and never returned in responses.

id: str

Credential identifier.

format: uuid
credential_set_id: str

Parent credential set identifier.

format: uuid
location: Literal["header", "cookie"]

Where the credential is attached in outgoing requests.

One of the following:
"header"
"cookie"
location_name: str

Name of the header or cookie where the credential is attached.

name: str

Human-readable name.

class CredentialGetResponse:

A credential attached to API requests during scanning. The credential value is write-only and never returned in responses.

id: str

Credential identifier.

format: uuid
credential_set_id: str

Parent credential set identifier.

format: uuid
location: Literal["header", "cookie"]

Where the credential is attached in outgoing requests.

One of the following:
"header"
"cookie"
location_name: str

Name of the header or cookie where the credential is attached.

name: str

Human-readable name.

class CredentialUpdateResponse:

A credential attached to API requests during scanning. The credential value is write-only and never returned in responses.

id: str

Credential identifier.

format: uuid
credential_set_id: str

Parent credential set identifier.

format: uuid
location: Literal["header", "cookie"]

Where the credential is attached in outgoing requests.

One of the following:
"header"
"cookie"
location_name: str

Name of the header or cookie where the credential is attached.

name: str

Human-readable name.

class CredentialEditResponse:

A credential attached to API requests during scanning. The credential value is write-only and never returned in responses.

id: str

Credential identifier.

format: uuid
credential_set_id: str

Parent credential set identifier.

format: uuid
location: Literal["header", "cookie"]

Where the credential is attached in outgoing requests.

One of the following:
"header"
"cookie"
location_name: str

Name of the header or cookie where the credential is attached.

name: str

Human-readable name.

Vulnerability Scanner > Scans

List Scans
vulnerability_scanner.scans.list(**kwargs: ScanListParams) -> SyncV4PagePaginationArray[ScanListResponse]
GET /accounts/{account_id}/vuln_scanner/scans
Create Scan
vulnerability_scanner.scans.create(**kwargs: ScanCreateParams) -> ScanCreateResponse
POST /accounts/{account_id}/vuln_scanner/scans
Get Scan
vulnerability_scanner.scans.get(scan_id: str, **kwargs: ScanGetParams) -> ScanGetResponse
GET /accounts/{account_id}/vuln_scanner/scans/{scan_id}
Models
class ScanListResponse:
id: str

Scan identifier.

format: uuid
scan_type: Literal["bola"]

The type of vulnerability scan.

status: Literal["created", "scheduled", "planning", "running", "finished", "failed"]

Current lifecycle status of the scan.

One of the following:
"created"
"scheduled"
"planning"
"running"
"finished"
"failed"
target_environment_id: str

The target environment this scan runs against.

format: uuid
report: Optional[Report]

Vulnerability report produced after the scan completes. The shape depends on the scan type. Present only for finished scans.

report: ReportReport

Version 1 of the BOLA vulnerability scan report.

summary: ReportReportSummary

Summary of all steps and findings.

verdict: Literal["ok", "warning", "inconclusive"]

Overall verdict of the vulnerability scan.

One of the following:
"ok"
"warning"
"inconclusive"
tests: List[ReportReportTest]

List of tests that were run.

steps: List[ReportReportTestStep]

Steps that were executed.

assertions: List[ReportReportTestStepAssertion]

Assertions that were made against the received response.

description: str

Human-readable description of the assertion, explaining what was checked.

kind: ReportReportTestStepAssertionKind

Kind of assertion.

parameters: ReportReportTestStepAssertionKindParameters

Range of HTTP status codes.

max: int

Maximum (inclusive) status code of the range.

maximum: 65535
minimum: 0
min: int

Minimum (inclusive) status code of the range.

maximum: 65535
minimum: 0
type: Literal["http_status_within_range"]
observed: Optional[int]

Observed value on which the assertion was made.

outcome: Literal["ok", "fail", "inconclusive"]

Outcome of the assertion.

One of the following:
"ok"
"fail"
"inconclusive"
errors: Optional[List[ReportReportTestStepError]]

Errors the step encountered that may explain absent or incomplete fields.

description: str

Human-readable error description.

error_code: Optional[int]

Numeric error code identifying the class of error, if available.

format: uint32
minimum: 0
request: Optional[ReportReportTestStepRequest]

HTTP request that was made, if any.

credential_set: ReportReportTestStepRequestCredentialSet

Credential set that was used.

id: str

ID of the credential set.

format: uuid
role: Literal["owner", "attacker"]

Role of the credential set.

One of the following:
"owner"
"attacker"
header_names: List[str]

Names of headers that were sent.

method: Literal["GET", "DELETE", "PATCH", "POST", "PUT"]

HTTP method.

One of the following:
"GET"
"DELETE"
"PATCH"
"POST"
"PUT"
url: str

Exact and full URL (including host, query parameters) that was requested.

format: uri
variable_captures: List[ReportReportTestStepRequestVariableCapture]

Variable captures requested for this step.

json_path: str

JSONPath expression used for capture, e.g. "$.id".

name: str

Variable name, e.g. "resource_id".

body: Optional[object]

Request body, if any.

response: Optional[ReportReportTestStepResponse]

HTTP response that was received, if any.

body: ReportReportTestStepResponseBody

HTTP response body.

One of the following:
class ReportReportTestStepResponseBodyKind:

No body was received.

kind: Literal["not_found"]
class ReportReportTestStepResponseBodyUnionMember1:

Body received but unable to read as UTF-8. Raw bytes, base64-encoded.

contents: str
kind: Literal["bytes"]
truncated: bool
class ReportReportTestStepResponseBodyUnionMember2:

Body received as valid UTF-8 text but not valid JSON.

contents: str
kind: Literal["text"]
truncated: bool
class ReportReportTestStepResponseBodyUnionMember3:

Body received as valid JSON.

contents: str
kind: Literal["json"]
truncated: bool
header_names: List[str]

Names of headers that were received.

status: int

HTTP status code.

maximum: 65535
minimum: 0
status_text: Optional[str]

HTTP status text, if available for the status code.

verdict: Literal["ok", "warning", "inconclusive"]

Verdict of this single test.

One of the following:
"ok"
"warning"
"inconclusive"
preflight_errors: Optional[List[ReportReportTestPreflightError]]

Errors that prevented step execution.

description: str

Human-readable error description.

error_code: Optional[int]

Numeric error code identifying the class of error, if available.

format: uint32
minimum: 0
report_schema_version: Literal["v1"]

Version of the report schema.

class ScanCreateResponse:
id: str

Scan identifier.

format: uuid
scan_type: Literal["bola"]

The type of vulnerability scan.

status: Literal["created", "scheduled", "planning", "running", "finished", "failed"]

Current lifecycle status of the scan.

One of the following:
"created"
"scheduled"
"planning"
"running"
"finished"
"failed"
target_environment_id: str

The target environment this scan runs against.

format: uuid
report: Optional[Report]

Vulnerability report produced after the scan completes. The shape depends on the scan type. Present only for finished scans.

report: ReportReport

Version 1 of the BOLA vulnerability scan report.

summary: ReportReportSummary

Summary of all steps and findings.

verdict: Literal["ok", "warning", "inconclusive"]

Overall verdict of the vulnerability scan.

One of the following:
"ok"
"warning"
"inconclusive"
tests: List[ReportReportTest]

List of tests that were run.

steps: List[ReportReportTestStep]

Steps that were executed.

assertions: List[ReportReportTestStepAssertion]

Assertions that were made against the received response.

description: str

Human-readable description of the assertion, explaining what was checked.

kind: ReportReportTestStepAssertionKind

Kind of assertion.

parameters: ReportReportTestStepAssertionKindParameters

Range of HTTP status codes.

max: int

Maximum (inclusive) status code of the range.

maximum: 65535
minimum: 0
min: int

Minimum (inclusive) status code of the range.

maximum: 65535
minimum: 0
type: Literal["http_status_within_range"]
observed: Optional[int]

Observed value on which the assertion was made.

outcome: Literal["ok", "fail", "inconclusive"]

Outcome of the assertion.

One of the following:
"ok"
"fail"
"inconclusive"
errors: Optional[List[ReportReportTestStepError]]

Errors the step encountered that may explain absent or incomplete fields.

description: str

Human-readable error description.

error_code: Optional[int]

Numeric error code identifying the class of error, if available.

format: uint32
minimum: 0
request: Optional[ReportReportTestStepRequest]

HTTP request that was made, if any.

credential_set: ReportReportTestStepRequestCredentialSet

Credential set that was used.

id: str

ID of the credential set.

format: uuid
role: Literal["owner", "attacker"]

Role of the credential set.

One of the following:
"owner"
"attacker"
header_names: List[str]

Names of headers that were sent.

method: Literal["GET", "DELETE", "PATCH", "POST", "PUT"]

HTTP method.

One of the following:
"GET"
"DELETE"
"PATCH"
"POST"
"PUT"
url: str

Exact and full URL (including host, query parameters) that was requested.

format: uri
variable_captures: List[ReportReportTestStepRequestVariableCapture]

Variable captures requested for this step.

json_path: str

JSONPath expression used for capture, e.g. "$.id".

name: str

Variable name, e.g. "resource_id".

body: Optional[object]

Request body, if any.

response: Optional[ReportReportTestStepResponse]

HTTP response that was received, if any.

body: ReportReportTestStepResponseBody

HTTP response body.

One of the following:
class ReportReportTestStepResponseBodyKind:

No body was received.

kind: Literal["not_found"]
class ReportReportTestStepResponseBodyUnionMember1:

Body received but unable to read as UTF-8. Raw bytes, base64-encoded.

contents: str
kind: Literal["bytes"]
truncated: bool
class ReportReportTestStepResponseBodyUnionMember2:

Body received as valid UTF-8 text but not valid JSON.

contents: str
kind: Literal["text"]
truncated: bool
class ReportReportTestStepResponseBodyUnionMember3:

Body received as valid JSON.

contents: str
kind: Literal["json"]
truncated: bool
header_names: List[str]

Names of headers that were received.

status: int

HTTP status code.

maximum: 65535
minimum: 0
status_text: Optional[str]

HTTP status text, if available for the status code.

verdict: Literal["ok", "warning", "inconclusive"]

Verdict of this single test.

One of the following:
"ok"
"warning"
"inconclusive"
preflight_errors: Optional[List[ReportReportTestPreflightError]]

Errors that prevented step execution.

description: str

Human-readable error description.

error_code: Optional[int]

Numeric error code identifying the class of error, if available.

format: uint32
minimum: 0
report_schema_version: Literal["v1"]

Version of the report schema.

class ScanGetResponse:
id: str

Scan identifier.

format: uuid
scan_type: Literal["bola"]

The type of vulnerability scan.

status: Literal["created", "scheduled", "planning", "running", "finished", "failed"]

Current lifecycle status of the scan.

One of the following:
"created"
"scheduled"
"planning"
"running"
"finished"
"failed"
target_environment_id: str

The target environment this scan runs against.

format: uuid
report: Optional[Report]

Vulnerability report produced after the scan completes. The shape depends on the scan type. Present only for finished scans.

report: ReportReport

Version 1 of the BOLA vulnerability scan report.

summary: ReportReportSummary

Summary of all steps and findings.

verdict: Literal["ok", "warning", "inconclusive"]

Overall verdict of the vulnerability scan.

One of the following:
"ok"
"warning"
"inconclusive"
tests: List[ReportReportTest]

List of tests that were run.

steps: List[ReportReportTestStep]

Steps that were executed.

assertions: List[ReportReportTestStepAssertion]

Assertions that were made against the received response.

description: str

Human-readable description of the assertion, explaining what was checked.

kind: ReportReportTestStepAssertionKind

Kind of assertion.

parameters: ReportReportTestStepAssertionKindParameters

Range of HTTP status codes.

max: int

Maximum (inclusive) status code of the range.

maximum: 65535
minimum: 0
min: int

Minimum (inclusive) status code of the range.

maximum: 65535
minimum: 0
type: Literal["http_status_within_range"]
observed: Optional[int]

Observed value on which the assertion was made.

outcome: Literal["ok", "fail", "inconclusive"]

Outcome of the assertion.

One of the following:
"ok"
"fail"
"inconclusive"
errors: Optional[List[ReportReportTestStepError]]

Errors the step encountered that may explain absent or incomplete fields.

description: str

Human-readable error description.

error_code: Optional[int]

Numeric error code identifying the class of error, if available.

format: uint32
minimum: 0
request: Optional[ReportReportTestStepRequest]

HTTP request that was made, if any.

credential_set: ReportReportTestStepRequestCredentialSet

Credential set that was used.

id: str

ID of the credential set.

format: uuid
role: Literal["owner", "attacker"]

Role of the credential set.

One of the following:
"owner"
"attacker"
header_names: List[str]

Names of headers that were sent.

method: Literal["GET", "DELETE", "PATCH", "POST", "PUT"]

HTTP method.

One of the following:
"GET"
"DELETE"
"PATCH"
"POST"
"PUT"
url: str

Exact and full URL (including host, query parameters) that was requested.

format: uri
variable_captures: List[ReportReportTestStepRequestVariableCapture]

Variable captures requested for this step.

json_path: str

JSONPath expression used for capture, e.g. "$.id".

name: str

Variable name, e.g. "resource_id".

body: Optional[object]

Request body, if any.

response: Optional[ReportReportTestStepResponse]

HTTP response that was received, if any.

body: ReportReportTestStepResponseBody

HTTP response body.

One of the following:
class ReportReportTestStepResponseBodyKind:

No body was received.

kind: Literal["not_found"]
class ReportReportTestStepResponseBodyUnionMember1:

Body received but unable to read as UTF-8. Raw bytes, base64-encoded.

contents: str
kind: Literal["bytes"]
truncated: bool
class ReportReportTestStepResponseBodyUnionMember2:

Body received as valid UTF-8 text but not valid JSON.

contents: str
kind: Literal["text"]
truncated: bool
class ReportReportTestStepResponseBodyUnionMember3:

Body received as valid JSON.

contents: str
kind: Literal["json"]
truncated: bool
header_names: List[str]

Names of headers that were received.

status: int

HTTP status code.

maximum: 65535
minimum: 0
status_text: Optional[str]

HTTP status text, if available for the status code.

verdict: Literal["ok", "warning", "inconclusive"]

Verdict of this single test.

One of the following:
"ok"
"warning"
"inconclusive"
preflight_errors: Optional[List[ReportReportTestPreflightError]]

Errors that prevented step execution.

description: str

Human-readable error description.

error_code: Optional[int]

Numeric error code identifying the class of error, if available.

format: uint32
minimum: 0
report_schema_version: Literal["v1"]

Version of the report schema.
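
Added example (not part of the Cloudflare SDK or of this reference): walking a finished scan's v1 report, taken as the API's JSON decoded into plain dicts, to list every failed assertion with the credential role and request that produced it, plus tests blocked by preflight errors. The nesting is inferred from the model type names above; `triage`, `decode_body` and `SAMPLE_SCAN` are hypothetical names and the sample data is constructed.

```python
import base64
import json


def decode_body(body):
    """Decode a step's response body according to its `kind` discriminator."""
    if not body or body["kind"] == "not_found":
        return None
    if body["kind"] == "bytes":                  # not UTF-8: contents are base64
        return base64.b64decode(body["contents"])
    if body["kind"] == "json" and not body["truncated"]:
        return json.loads(body["contents"])      # truncated JSON may not parse
    return body["contents"]


def triage(scan):
    """Return (overall verdict, failed assertions, tests blocked before running)."""
    wrapper = scan.get("report")
    if scan["status"] != "finished" or wrapper is None:
        return None, [], []                      # report exists only for finished scans
    if wrapper["report_schema_version"] != "v1":
        raise ValueError("unknown report schema version")
    report, findings, gaps = wrapper["report"], [], []
    for t, test in enumerate(report["tests"]):
        for err in test.get("preflight_errors") or []:
            gaps.append((t, err["description"]))
        for s, step in enumerate(test["steps"]):
            req, resp = step.get("request") or {}, step.get("response") or {}
            for a in step["assertions"]:
                if a["outcome"] != "fail":
                    continue
                rng = a["kind"]["parameters"]
                findings.append({
                    "test": t, "step": s,
                    "role": (req.get("credential_set") or {}).get("role"),
                    "method": req.get("method"), "url": req.get("url"),
                    "expected": (rng["min"], rng["max"]),
                    "observed": a.get("observed"),
                    "body": decode_body(resp.get("body")),
                })
    return report["summary"]["verdict"], findings, gaps


# Constructed sample scan: IDs, URL and statuses are made up for illustration.
SAMPLE_SCAN = {
    "scan_type": "bola", "status": "finished",
    "report": {"report_schema_version": "v1", "report": {
        "summary": {"verdict": "warning"},
        "tests": [
            {"verdict": "warning", "steps": [{
                "request": {
                    "credential_set": {"id": "00000000-0000-0000-0000-000000000003",
                                       "role": "attacker"},
                    "method": "GET", "url": "https://api.example.com/orders/42",
                    "header_names": ["authorization"], "variable_captures": []},
                "response": {"status": 200, "header_names": ["content-type"],
                             "body": {"kind": "json", "truncated": False,
                                      "contents": '{"id": 42}'}},
                "assertions": [{
                    "description": "status is within 400-499",
                    "observed": 200, "outcome": "fail",
                    "kind": {"type": "http_status_within_range",
                             "parameters": {"min": 400, "max": 499}}}],
            }]},
            {"verdict": "inconclusive", "steps": [],
             "preflight_errors": [{"description": "constructed preflight error"}]},
        ]}},
}
```

Tests listed in the third return value never executed their steps, so an overall verdict should be read together with that list rather than as full coverage.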

Vulnerability Scanner > Target Environments

List Target Environments
vulnerability_scanner.target_environments.list(**kwargs: TargetEnvironmentListParams) -> SyncV4PagePaginationArray[TargetEnvironmentListResponse]
GET /accounts/{account_id}/vuln_scanner/target_environments
Create Target Environment
vulnerability_scanner.target_environments.create(**kwargs: TargetEnvironmentCreateParams) -> TargetEnvironmentCreateResponse
POST /accounts/{account_id}/vuln_scanner/target_environments
Get Target Environment
vulnerability_scanner.target_environments.get(target_environment_id: str, **kwargs: TargetEnvironmentGetParams) -> TargetEnvironmentGetResponse
GET /accounts/{account_id}/vuln_scanner/target_environments/{target_environment_id}
Update Target Environment
vulnerability_scanner.target_environments.update(target_environment_id: str, **kwargs: TargetEnvironmentUpdateParams) -> TargetEnvironmentUpdateResponse
PUT /accounts/{account_id}/vuln_scanner/target_environments/{target_environment_id}
Edit Target Environment
vulnerability_scanner.target_environments.edit(target_environment_id: str, **kwargs: TargetEnvironmentEditParams) -> TargetEnvironmentEditResponse
PATCH /accounts/{account_id}/vuln_scanner/target_environments/{target_environment_id}
Delete Target Environment
vulnerability_scanner.target_environments.delete(target_environment_id: str, **kwargs: TargetEnvironmentDeleteParams) -> object
DELETE /accounts/{account_id}/vuln_scanner/target_environments/{target_environment_id}
Models
class TargetEnvironmentListResponse:
id: str

Target environment identifier.

format: uuid
name: str

Human-readable name.

target: Target

Identifies the Cloudflare asset to scan. Uses a type discriminator. Currently the service supports only zone targets.

type: Literal["zone"]
zone_tag: str

Cloudflare zone tag. The zone must belong to the account.

maxLength: 32
description: Optional[str]

Optional description providing additional context.

class TargetEnvironmentCreateResponse:
id: str

Target environment identifier.

format: uuid
name: str

Human-readable name.

target: Target

Identifies the Cloudflare asset to scan. Uses a type discriminator. Currently the service supports only zone targets.

type: Literal["zone"]
zone_tag: str

Cloudflare zone tag. The zone must belong to the account.

maxLength: 32
description: Optional[str]

Optional description providing additional context.

class TargetEnvironmentGetResponse:
id: str

Target environment identifier.

format: uuid
name: str

Human-readable name.

target: Target

Identifies the Cloudflare asset to scan. Uses a type discriminator. Currently the service supports only zone targets.

type: Literal["zone"]
zone_tag: str

Cloudflare zone tag. The zone must belong to the account.

maxLength: 32
description: Optional[str]

Optional description providing additional context.

class TargetEnvironmentUpdateResponse:
id: str

Target environment identifier.

format: uuid
name: str

Human-readable name.

target: Target

Identifies the Cloudflare asset to scan. Uses a type discriminator. Currently the service supports only zone targets.

type: Literal["zone"]
zone_tag: str

Cloudflare zone tag. The zone must belong to the account.

maxLength: 32
description: Optional[str]

Optional description providing additional context.

class TargetEnvironmentEditResponse:
id: str

Target environment identifier.

format: uuid
name: str

Human-readable name.

target: Target

Identifies the Cloudflare asset to scan. Uses a type discriminator. Currently the service supports only zone targets.

type: Literal["zone"]
zone_tag: str

Cloudflare zone tag. The zone must belong to the account.

maxLength: 32
description: Optional[str]

Optional description providing additional context.