Settings

Get device settings for a Zero Trust account

GET/accounts/{account_id}/devices/settings

Update device settings for a Zero Trust account

PUT/accounts/{account_id}/devices/settings

Patch device settings for a Zero Trust account

PATCH/accounts/{account_id}/devices/settings

Reset device settings for a Zero Trust account with defaults. This turns off all proxying.

DELETE/accounts/{account_id}/devices/settings

ModelsExpand Collapse

DeviceSettings { disable_for_time, external_emergency_signal_enabled, external_emergency_signal_fingerprint, 6 more }

disable_for_time: optional number

Sets the time limit, in seconds, that a user can use an override code to bypass WARP.

external_emergency_signal_enabled: optional boolean

Controls whether the external emergency disconnect feature is enabled.

external_emergency_signal_fingerprint: optional string

The SHA256 fingerprint (64 hexadecimal characters) of the HTTPS server certificate for the external_emergency_signal_url. If provided, the WARP client will use this value to verify the server’s identity. The device will ignore any response if the server’s certificate fingerprint does not exactly match this value.

external_emergency_signal_interval: optional string

The interval at which the WARP client fetches the emergency disconnect signal, formatted as a duration string (e.g., “5m”, “2m30s”, “1h”). Minimum 30 seconds.

external_emergency_signal_url: optional string

The HTTPS URL from which to fetch the emergency disconnect signal. Must use HTTPS and have an IPv4 or IPv6 address as the host.

gateway_proxy_enabled: optional boolean

Enable gateway proxy filtering on TCP.

gateway_udp_proxy_enabled: optional boolean

Enable gateway proxy filtering on UDP.

root_certificate_installation_enabled: optional boolean

Enable installation of cloudflare managed root certificate.

use_zt_virtual_ip: optional boolean

Enable using CGNAT virtual IPv4.