Cloudflare API | Rate Limits › List Rate Limits

API Reference

Account & User Management

Resource Sharing

AI

Certificate Management

Certificate Authorities

Client Certificates

Custom Certificates

Custom Hostnames

Keyless Certificates

MTLS Certificates

Origin CA Certificates

Origin Post Quantum Encryption

Origin TLS Client Auth

Cloudflare One

DNS

Account Custom Nameservers

Domain/Zone Management

IP Addresses

Media

Networking

Magic Cloud Networking

Magic Network Monitoring

Network Interconnects

Observability

Security Center

Radar

Routing & Performance

Rules

Cloud Connector

Managed Transforms

URL Normalization

Security

Schema Validation

Content Scanning

Leaked Credential Checks

Create a rate limit

Delete a rate limit

Update a rate limit

Get a rate limit

List rate limits

Storage & Databases

Threat Intelligence

Brand Protection

Workers & Pages

Browser Rendering

Durable Objects

Workers For Platforms

Shared

Rate Limits

rate_limits

Methods

Create A Rate Limit -> Envelope<

>

Deprecated

post/zones/{zone_id}/rate_limits

Creates a new rate limit for a zone. Refer to the object definition for a list of required attributes.

Delete A Rate Limit -> Envelope<{ id, action, bypass, 5 more... }>

Deprecated

delete/zones/{zone_id}/rate_limits/{rate_limit_id}

Deletes an existing rate limit.

Update A Rate Limit -> Envelope<

>

Deprecated

put/zones/{zone_id}/rate_limits/{rate_limit_id}

Updates an existing rate limit.

Get A Rate Limit -> Envelope<

>

Deprecated

get/zones/{zone_id}/rate_limits/{rate_limit_id}

Fetches the details of a rate limit.

List Rate Limits -> V4PagePaginationArray<

>

Deprecated

get/zones/{zone_id}/rate_limits

Fetches the rate limits for a zone.

Security

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example: Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

Accepted Permissions (at least one required)

Firewall Services Write Firewall Services Read

path Parameters

zone_id: string

(maxLength: 32)

Defines an identifier.

query Parameters

page: number

Optional

(minimum: 1, default: 1)

Defines the page number of paginated results.

per_page: number

Optional

(maximum: 1000, minimum: 1, default: 20)

Defines the maximum number of results per page. You can only set the value to 1 or to a multiple of 5 such as 5, 10, 15, or 20.

Response fields

errors: Array<

>

messages: Array<

>

result: Array<

>

success: true

Defines whether the API call was successful.

result_info: { count, page, per_page, 1 more... }

Optional

Request example

curl https://api.cloudflare.com/client/v4/zones/$ZONE_ID/rate_limits \
    -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \
    -H "X-Auth-Key: $CLOUDFLARE_API_KEY"

200Example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {
      "action": {
        "mode": "challenge",
        "response": {
          "body": "<error>This request has been rate-limited.</error>",
          "content_type": "text/xml"
        },
        "timeout": 86400
      },
      "bypass": [
        {
          "name": "url",
          "value": "api.example.com/*"
        }
      ],
      "description": "Prevent multiple login failures to mitigate brute force attacks",
      "disabled": false,
      "match": {
        "headers": [
          {
            "name": "Cf-Cache-Status",
            "op": "ne",
            "value": "HIT"
          }
        ],
        "request": {
          "methods": [
            "GET",
            "POST"
          ],
          "schemes": [
            "HTTP",
            "HTTPS"
          ],
          "url": "*.example.org/path*"
        },
        "response": {
          "origin_traffic": true
        }
      },
      "period": 900,
      "threshold": 60
    }
  ],
  "success": true,
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000
  }
}

Domain types

Action = "block" | "challenge" | "js_challenge" | 4 more...

The action to apply to a matched request. The log action is only available on an Enterprise plan.

RateLimit = { id, action, bypass, 5 more... }