Skip to content
Cloudflare API
Start here
API Reference

R2

R2Buckets

List Buckets
GET/accounts/{account_id}/r2/buckets
Get Bucket
GET/accounts/{account_id}/r2/buckets/{bucket_name}
Create Bucket
POST/accounts/{account_id}/r2/buckets
Patch Bucket
PATCH/accounts/{account_id}/r2/buckets/{bucket_name}
Delete Bucket
DELETE/accounts/{account_id}/r2/buckets/{bucket_name}
ModelsExpand Collapse
Bucket = object { creation_date, jurisdiction, location, 2 more }

A single R2 bucket.

creation_date: optional string

Creation timestamp.

jurisdiction: optional "default" or "eu" or "fedramp"

Jurisdiction where objects in this bucket are guaranteed to be stored.

One of the following:
"default"
"eu"
"fedramp"
location: optional "apac" or "eeur" or "enam" or 3 more

Location of the bucket.

One of the following:
"apac"
"eeur"
"enam"
"weur"
"wnam"
"oc"
name: optional string

Name of the bucket.

maxLength64
minLength3
storage_class: optional "Standard" or "InfrequentAccess"

Storage class for newly uploaded objects, unless specified otherwise.

One of the following:
"Standard"
"InfrequentAccess"
BucketListResponse = object { buckets }
buckets: optional array of Bucket { creation_date, jurisdiction, location, 2 more }
creation_date: optional string

Creation timestamp.

jurisdiction: optional "default" or "eu" or "fedramp"

Jurisdiction where objects in this bucket are guaranteed to be stored.

One of the following:
"default"
"eu"
"fedramp"
location: optional "apac" or "eeur" or "enam" or 3 more

Location of the bucket.

One of the following:
"apac"
"eeur"
"enam"
"weur"
"wnam"
"oc"
name: optional string

Name of the bucket.

maxLength64
minLength3
storage_class: optional "Standard" or "InfrequentAccess"

Storage class for newly uploaded objects, unless specified otherwise.

One of the following:
"Standard"
"InfrequentAccess"
BucketDeleteResponse = unknown

R2BucketsLifecycle

Get Object Lifecycle Rules
GET/accounts/{account_id}/r2/buckets/{bucket_name}/lifecycle
Put Object Lifecycle Rules
PUT/accounts/{account_id}/r2/buckets/{bucket_name}/lifecycle
ModelsExpand Collapse
LifecycleGetResponse = object { rules }
rules: optional array of object { id, conditions, enabled, 3 more }
id: string

Unique identifier for this rule.

conditions: object { prefix }

Conditions that apply to all transitions of this rule.

prefix: string

Transitions will only apply to objects/uploads in the bucket that start with the given prefix, an empty prefix can be provided to scope rule to all objects/uploads.

enabled: boolean

Whether or not this rule is in effect.

abortMultipartUploadsTransition: optional object { condition }

Transition to abort ongoing multipart uploads.

condition: optional object { maxAge, type }

Condition for lifecycle transitions to apply after an object reaches an age in seconds.

maxAge: number
type: "Age"
deleteObjectsTransition: optional object { condition }

Transition to delete objects.

condition: optional object { maxAge, type } or object { date, type }

Condition for lifecycle transitions to apply after an object reaches an age in seconds.

One of the following:
R2LifecycleAgeCondition = object { maxAge, type }

Condition for lifecycle transitions to apply after an object reaches an age in seconds.

maxAge: number
type: "Age"
R2LifecycleDateCondition = object { date, type }

Condition for lifecycle transitions to apply on a specific date.

date: string
formatdate-time
type: "Date"
storageClassTransitions: optional array of object { condition, storageClass }

Transitions to change the storage class of objects.

condition: object { maxAge, type } or object { date, type }

Condition for lifecycle transitions to apply after an object reaches an age in seconds.

One of the following:
R2LifecycleAgeCondition = object { maxAge, type }

Condition for lifecycle transitions to apply after an object reaches an age in seconds.

maxAge: number
type: "Age"
R2LifecycleDateCondition = object { date, type }

Condition for lifecycle transitions to apply on a specific date.

date: string
formatdate-time
type: "Date"
storageClass: "InfrequentAccess"
LifecycleUpdateResponse = unknown

R2BucketsCORS

Get Bucket CORS Policy
GET/accounts/{account_id}/r2/buckets/{bucket_name}/cors
Put Bucket CORS Policy
PUT/accounts/{account_id}/r2/buckets/{bucket_name}/cors
Delete Bucket CORS Policy
DELETE/accounts/{account_id}/r2/buckets/{bucket_name}/cors
ModelsExpand Collapse
CORSGetResponse = object { rules }
rules: optional array of object { allowed, id, exposeHeaders, maxAgeSeconds }
allowed: object { methods, origins, headers }

Object specifying allowed origins, methods and headers for this CORS rule.

methods: array of "GET" or "PUT" or "POST" or 2 more

Specifies the value for the Access-Control-Allow-Methods header R2 sets when requesting objects in a bucket from a browser.

One of the following:
"GET"
"PUT"
"POST"
"DELETE"
"HEAD"
origins: array of string

Specifies the value for the Access-Control-Allow-Origin header R2 sets when requesting objects in a bucket from a browser.

headers: optional array of string

Specifies the value for the Access-Control-Allow-Headers header R2 sets when requesting objects in this bucket from a browser. Cross-origin requests that include custom headers (e.g. x-user-id) should specify these headers as AllowedHeaders.

id: optional string

Identifier for this rule.

exposeHeaders: optional array of string

Specifies the headers that can be exposed back, and accessed by, the JavaScript making the cross-origin request. If you need to access headers beyond the safelisted response headers, such as Content-Encoding or cf-cache-status, you must specify it here.

maxAgeSeconds: optional number

Specifies the amount of time (in seconds) browsers are allowed to cache CORS preflight responses. Browsers may limit this to 2 hours or less, even if the maximum value (86400) is specified.

CORSUpdateResponse = unknown
CORSDeleteResponse = unknown

R2BucketsDomains

R2BucketsDomainsCustom

List Custom Domains of Bucket
GET/accounts/{account_id}/r2/buckets/{bucket_name}/domains/custom
Get Custom Domain Settings
GET/accounts/{account_id}/r2/buckets/{bucket_name}/domains/custom/{domain}
Attach Custom Domain To Bucket
POST/accounts/{account_id}/r2/buckets/{bucket_name}/domains/custom
Configure Custom Domain Settings
PUT/accounts/{account_id}/r2/buckets/{bucket_name}/domains/custom/{domain}
Remove Custom Domain From Bucket
DELETE/accounts/{account_id}/r2/buckets/{bucket_name}/domains/custom/{domain}
ModelsExpand Collapse
CustomListResponse = object { domains }
domains: array of object { domain, enabled, status, 4 more }
domain: string

Domain name of the custom domain to be added.

enabled: boolean

Whether this bucket is publicly accessible at the specified custom domain.

status: object { ownership, ssl }
ownership: "pending" or "active" or "deactivated" or 3 more

Ownership status of the domain.

One of the following:
"pending"
"active"
"deactivated"
"blocked"
"error"
"unknown"
ssl: "initializing" or "pending" or "active" or 3 more

SSL certificate status.

One of the following:
"initializing"
"pending"
"active"
"deactivated"
"error"
"unknown"
ciphers: optional array of string

An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.

minTLS: optional "1.0" or "1.1" or "1.2" or "1.3"

Minimum TLS Version the custom domain will accept for incoming connections. If not set, defaults to 1.0.

One of the following:
"1.0"
"1.1"
"1.2"
"1.3"
zoneId: optional string

Zone ID of the custom domain resides in.

zoneName: optional string

Zone that the custom domain resides in.

CustomGetResponse = object { domain, enabled, status, 4 more }
domain: string

Domain name of the custom domain to be added.

enabled: boolean

Whether this bucket is publicly accessible at the specified custom domain.

status: object { ownership, ssl }
ownership: "pending" or "active" or "deactivated" or 3 more

Ownership status of the domain.

One of the following:
"pending"
"active"
"deactivated"
"blocked"
"error"
"unknown"
ssl: "initializing" or "pending" or "active" or 3 more

SSL certificate status.

One of the following:
"initializing"
"pending"
"active"
"deactivated"
"error"
"unknown"
ciphers: optional array of string

An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.

minTLS: optional "1.0" or "1.1" or "1.2" or "1.3"

Minimum TLS Version the custom domain will accept for incoming connections. If not set, defaults to 1.0.

One of the following:
"1.0"
"1.1"
"1.2"
"1.3"
zoneId: optional string

Zone ID of the custom domain resides in.

zoneName: optional string

Zone that the custom domain resides in.

CustomCreateResponse = object { domain, enabled, ciphers, minTLS }
domain: string

Domain name of the affected custom domain.

enabled: boolean

Whether this bucket is publicly accessible at the specified custom domain.

ciphers: optional array of string

An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.

minTLS: optional "1.0" or "1.1" or "1.2" or "1.3"

Minimum TLS Version the custom domain will accept for incoming connections. If not set, defaults to 1.0.

One of the following:
"1.0"
"1.1"
"1.2"
"1.3"
CustomUpdateResponse = object { domain, ciphers, enabled, minTLS }
domain: string

Domain name of the affected custom domain.

ciphers: optional array of string

An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.

enabled: optional boolean

Whether this bucket is publicly accessible at the specified custom domain.

minTLS: optional "1.0" or "1.1" or "1.2" or "1.3"

Minimum TLS Version the custom domain will accept for incoming connections. If not set, defaults to 1.0.

One of the following:
"1.0"
"1.1"
"1.2"
"1.3"
CustomDeleteResponse = object { domain }
domain: string

Name of the removed custom domain.

R2BucketsDomainsManaged

Get r2.dev Domain of Bucket
GET/accounts/{account_id}/r2/buckets/{bucket_name}/domains/managed
Update r2.dev Domain of Bucket
PUT/accounts/{account_id}/r2/buckets/{bucket_name}/domains/managed
ModelsExpand Collapse
ManagedListResponse = object { bucketId, domain, enabled }
bucketId: string

Bucket ID.

maxLength32
domain: string

Domain name of the bucket's r2.dev domain.

enabled: boolean

Whether this bucket is publicly accessible at the r2.dev domain.

ManagedUpdateResponse = object { bucketId, domain, enabled }
bucketId: string

Bucket ID.

maxLength32
domain: string

Domain name of the bucket's r2.dev domain.

enabled: boolean

Whether this bucket is publicly accessible at the r2.dev domain.

R2BucketsEvent Notifications

List Event Notification Rules
GET/accounts/{account_id}/event_notifications/r2/{bucket_name}/configuration
Get Event Notification Rule
GET/accounts/{account_id}/event_notifications/r2/{bucket_name}/configuration/queues/{queue_id}
Create Event Notification Rule
PUT/accounts/{account_id}/event_notifications/r2/{bucket_name}/configuration/queues/{queue_id}
Delete Event Notification Rules
DELETE/accounts/{account_id}/event_notifications/r2/{bucket_name}/configuration/queues/{queue_id}
ModelsExpand Collapse
EventNotificationListResponse = object { bucketName, queues }
bucketName: optional string

Name of the bucket.

queues: optional array of object { queueId, queueName, rules }

List of queues associated with the bucket.

queueId: optional string

Queue ID.

queueName: optional string

Name of the queue.

rules: optional array of object { actions, createdAt, description, 3 more }
actions: array of "PutObject" or "CopyObject" or "DeleteObject" or 2 more

Array of R2 object actions that will trigger notifications.

One of the following:
"PutObject"
"CopyObject"
"DeleteObject"
"CompleteMultipartUpload"
"LifecycleDeletion"
createdAt: optional string

Timestamp when the rule was created.

description: optional string

A description that can be used to identify the event notification rule after creation.

prefix: optional string

Notifications will be sent only for objects with this prefix.

ruleId: optional string

Rule ID.

suffix: optional string

Notifications will be sent only for objects with this suffix.

EventNotificationGetResponse = object { queueId, queueName, rules }
queueId: optional string

Queue ID.

queueName: optional string

Name of the queue.

rules: optional array of object { actions, createdAt, description, 3 more }
actions: array of "PutObject" or "CopyObject" or "DeleteObject" or 2 more

Array of R2 object actions that will trigger notifications.

One of the following:
"PutObject"
"CopyObject"
"DeleteObject"
"CompleteMultipartUpload"
"LifecycleDeletion"
createdAt: optional string

Timestamp when the rule was created.

description: optional string

A description that can be used to identify the event notification rule after creation.

prefix: optional string

Notifications will be sent only for objects with this prefix.

ruleId: optional string

Rule ID.

suffix: optional string

Notifications will be sent only for objects with this suffix.

EventNotificationUpdateResponse = unknown
EventNotificationDeleteResponse = unknown

R2BucketsLocks

Get Bucket Lock Rules
GET/accounts/{account_id}/r2/buckets/{bucket_name}/lock
Put Bucket Lock Rules
PUT/accounts/{account_id}/r2/buckets/{bucket_name}/lock
ModelsExpand Collapse
LockGetResponse = object { rules }
rules: optional array of object { id, condition, enabled, prefix }
id: string

Unique identifier for this rule.

condition: object { maxAgeSeconds, type } or object { date, type } or object { type }

Condition to apply a lock rule to an object for how long in seconds.

One of the following:
R2LockRuleAgeCondition = object { maxAgeSeconds, type }

Condition to apply a lock rule to an object for how long in seconds.

maxAgeSeconds: number
type: "Age"
R2LockRuleDateCondition = object { date, type }

Condition to apply a lock rule to an object until a specific date.

date: string
formatdate-time
type: "Date"
R2LockRuleIndefiniteCondition = object { type }

Condition to apply a lock rule indefinitely.

type: "Indefinite"
enabled: boolean

Whether or not this rule is in effect.

prefix: optional string

Rule will only apply to objects/uploads in the bucket that start with the given prefix, an empty prefix can be provided to scope rule to all objects/uploads.

LockUpdateResponse = unknown

R2BucketsMetrics

Get Account-Level Metrics
GET/accounts/{account_id}/r2/metrics
ModelsExpand Collapse
MetricListResponse = object { infrequentAccess, standard }

Metrics based on the class they belong to.

infrequentAccess: optional object { published, uploaded }

Metrics based on what state they are in(uploaded or published).

published: optional object { metadataSize, objects, payloadSize }

Metrics on number of objects/amount of storage used.

metadataSize: optional number

Amount of.

objects: optional number

Number of objects stored.

payloadSize: optional number

Amount of storage used by object data.

uploaded: optional object { metadataSize, objects, payloadSize }

Metrics on number of objects/amount of storage used.

metadataSize: optional number

Amount of.

objects: optional number

Number of objects stored.

payloadSize: optional number

Amount of storage used by object data.

standard: optional object { published, uploaded }

Metrics based on what state they are in(uploaded or published).

published: optional object { metadataSize, objects, payloadSize }

Metrics on number of objects/amount of storage used.

metadataSize: optional number

Amount of.

objects: optional number

Number of objects stored.

payloadSize: optional number

Amount of storage used by object data.

uploaded: optional object { metadataSize, objects, payloadSize }

Metrics on number of objects/amount of storage used.

metadataSize: optional number

Amount of.

objects: optional number

Number of objects stored.

payloadSize: optional number

Amount of storage used by object data.

R2BucketsSippy

Get Sippy Configuration
GET/accounts/{account_id}/r2/buckets/{bucket_name}/sippy
Enable Sippy
PUT/accounts/{account_id}/r2/buckets/{bucket_name}/sippy
Disable Sippy
DELETE/accounts/{account_id}/r2/buckets/{bucket_name}/sippy
ModelsExpand Collapse
Provider = "r2"
Sippy = object { destination, enabled, source }
destination: optional object { accessKeyId, account, bucket, provider }

Details about the configured destination bucket.

accessKeyId: optional string

ID of the Cloudflare API token used when writing objects to this bucket.

account: optional string
bucket: optional string

Name of the bucket on the provider.

provider: optional Provider
enabled: optional boolean

State of Sippy for this bucket.

source: optional object { bucket, bucketUrl, provider, region }

Details about the configured source bucket.

bucket: optional string

Name of the bucket on the provider (AWS, GCS only).

bucketUrl: optional string

S3-compatible URL (Generic S3-compatible providers only).

provider: optional "aws" or "gcs" or "s3"
One of the following:
"aws"
"gcs"
"s3"
region: optional string

Region where the bucket resides (AWS only).

SippyDeleteResponse = object { enabled }
enabled: optional false

R2Temporary Credentials

Create Temporary Access Credentials
POST/accounts/{account_id}/r2/temp-access-credentials
ModelsExpand Collapse
TemporaryCredential = object { bucket, parentAccessKeyId, permission, 3 more }
bucket: string

Name of the R2 bucket.

parentAccessKeyId: string

The parent access key id to use for signing.

permission: "admin-read-write" or "admin-read-only" or "object-read-write" or "object-read-only"

Permissions allowed on the credentials.

One of the following:
"admin-read-write"
"admin-read-only"
"object-read-write"
"object-read-only"
ttlSeconds: number

How long the credentials will live for in seconds.

maximum604800
objects: optional array of string

Optional object paths to scope the credentials to.

prefixes: optional array of string

Optional prefix paths to scope the credentials to.

TemporaryCredentialCreateResponse = object { accessKeyId, secretAccessKey, sessionToken }
accessKeyId: optional string

ID for new access key.

secretAccessKey: optional string

Secret access key.

sessionToken: optional string

Security token.

R2Super Slurper

R2Super SlurperJobs

List jobs
GET/accounts/{account_id}/slurper/jobs
Get job details
GET/accounts/{account_id}/slurper/jobs/{job_id}
Create a job
POST/accounts/{account_id}/slurper/jobs
Abort all jobs
PUT/accounts/{account_id}/slurper/jobs/abortAll
Abort a job
PUT/accounts/{account_id}/slurper/jobs/{job_id}/abort
Pause a job
PUT/accounts/{account_id}/slurper/jobs/{job_id}/pause
Get job progress
GET/accounts/{account_id}/slurper/jobs/{job_id}/progress
Resume a job
PUT/accounts/{account_id}/slurper/jobs/{job_id}/resume
ModelsExpand Collapse
JobListResponse = object { id, createdAt, finishedAt, 4 more }
id: optional string
createdAt: optional string
finishedAt: optional string
overwrite: optional boolean
source: optional object { bucket, endpoint, keys, 2 more } or object { bucket, keys, pathPrefix, vendor } or object { bucket, jurisdiction, keys, 2 more }
One of the following:
S3SourceResponseSchema = object { bucket, endpoint, keys, 2 more }
bucket: optional string
endpoint: optional string
keys: optional array of string
pathPrefix: optional string
vendor: optional "s3"
GcsSourceResponseSchema = object { bucket, keys, pathPrefix, vendor }
bucket: optional string
keys: optional array of string
pathPrefix: optional string
vendor: optional "gcs"
R2SourceResponseSchema = object { bucket, jurisdiction, keys, 2 more }
bucket: optional string
jurisdiction: optional "default" or "eu" or "fedramp"
One of the following:
"default"
"eu"
"fedramp"
keys: optional array of string
pathPrefix: optional string
vendor: optional Provider
status: optional "running" or "paused" or "aborted" or "completed"
One of the following:
"running"
"paused"
"aborted"
"completed"
target: optional object { bucket, jurisdiction, vendor }
bucket: optional string
jurisdiction: optional "default" or "eu" or "fedramp"
One of the following:
"default"
"eu"
"fedramp"
vendor: optional Provider
JobGetResponse = object { id, createdAt, finishedAt, 4 more }
id: optional string
createdAt: optional string
finishedAt: optional string
overwrite: optional boolean
source: optional object { bucket, endpoint, keys, 2 more } or object { bucket, keys, pathPrefix, vendor } or object { bucket, jurisdiction, keys, 2 more }
One of the following:
S3SourceResponseSchema = object { bucket, endpoint, keys, 2 more }
bucket: optional string
endpoint: optional string
keys: optional array of string
pathPrefix: optional string
vendor: optional "s3"
GcsSourceResponseSchema = object { bucket, keys, pathPrefix, vendor }
bucket: optional string
keys: optional array of string
pathPrefix: optional string
vendor: optional "gcs"
R2SourceResponseSchema = object { bucket, jurisdiction, keys, 2 more }
bucket: optional string
jurisdiction: optional "default" or "eu" or "fedramp"
One of the following:
"default"
"eu"
"fedramp"
keys: optional array of string
pathPrefix: optional string
vendor: optional Provider
status: optional "running" or "paused" or "aborted" or "completed"
One of the following:
"running"
"paused"
"aborted"
"completed"
target: optional object { bucket, jurisdiction, vendor }
bucket: optional string
jurisdiction: optional "default" or "eu" or "fedramp"
One of the following:
"default"
"eu"
"fedramp"
vendor: optional Provider
JobCreateResponse = object { id }
id: optional string
JobAbortAllResponse = string
JobAbortResponse = string
JobPauseResponse = string
JobProgressResponse = object { id, createdAt, failedObjects, 4 more }
id: optional string
createdAt: optional string
failedObjects: optional number
objects: optional number
skippedObjects: optional number
status: optional "running" or "paused" or "aborted" or "completed"
One of the following:
"running"
"paused"
"aborted"
"completed"
transferredObjects: optional number
JobResumeResponse = string

R2Super SlurperJobsLogs

Get job logs
GET/accounts/{account_id}/slurper/jobs/{job_id}/logs
ModelsExpand Collapse
LogListResponse = object { createdAt, job, logType, 2 more }
createdAt: optional string
job: optional string
logType: optional "migrationStart" or "migrationComplete" or "migrationAbort" or 12 more
One of the following:
"migrationStart"
"migrationComplete"
"migrationAbort"
"migrationError"
"migrationPause"
"migrationResume"
"migrationErrorFailedContinuation"
"importErrorRetryExhaustion"
"importSkippedStorageClass"
"importSkippedOversized"
"importSkippedEmptyObject"
"importSkippedUnsupportedContentType"
"importSkippedExcludedContentType"
"importSkippedInvalidMedia"
"importSkippedRequiresRetrieval"
message: optional string
objectKey: optional string

R2Super SlurperConnectivity Precheck

Check source connectivity
PUT/accounts/{account_id}/slurper/source/connectivity-precheck
Check target connectivity
PUT/accounts/{account_id}/slurper/target/connectivity-precheck
ModelsExpand Collapse
ConnectivityPrecheckSourceResponse = object { connectivityStatus }
connectivityStatus: optional "success" or "error"
One of the following:
"success"
"error"
ConnectivityPrecheckTargetResponse = object { connectivityStatus }
connectivityStatus: optional "success" or "error"
One of the following:
"success"
"error"