API Reference

Zero Trust

DLP

Settings

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Partially update DLP account-level settings.

PATCH/accounts/{account_id}/dlp/settings

Missing fields keep their existing values.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Zero Trust Write

Path ParametersExpand Collapse

account_id: optional string

Body ParametersJSONExpand Collapse

ai_context_analysis: optional boolean

Whether AI context analysis is enabled at the account level.

ocr: optional boolean

Whether OCR is enabled at the account level.

payload_logging: optional object { masking_level, public_key }

Request model for payload log settings within the DLP settings endpoint. Unlike the legacy endpoint, null and missing are treated identically here (both mean “not provided” for PATCH, “reset to default” for PUT).

masking_level: optional "full" or "partial" or "clear" or "default"

Masking level for payload logs.

• full: The entire payload is masked.
• partial: Only partial payload content is masked.
• clear: No masking is applied to the payload content.
• default: DLP uses its default masking behavior.

One of the following:

"full"

"partial"

"clear"

"default"

public_key: optional string

Base64-encoded public key for encrypting payload logs.

• Set to a non-empty base64 string to enable payload logging with the given key.
• Set to an empty string to disable payload logging.
• Omit or set to null to leave unchanged (PATCH) or reset to disabled (PUT).

ReturnsExpand Collapse

errors: array of object { code, message, documentation_url, source }

code: number

minimum1000

message: string

documentation_url: optional string

source: optional object { pointer }

pointer: optional string

messages: array of object { code, message, documentation_url, source }

code: number

minimum1000

message: string

documentation_url: optional string

source: optional object { pointer }

pointer: optional string

success: true

Whether the API call was successful.

result: optional DLPSettings { ai_context_analysis, ocr, payload_logging }

DLP account-level settings response.

ai_context_analysis: boolean

Whether AI context analysis is enabled at the account level.

ocr: boolean

Whether OCR is enabled at the account level.

payload_logging: object { updated_at, masking_level, public_key }

updated_at: string

formatdate-time

masking_level: optional "full" or "partial" or "clear" or "default"

Masking level for payload logs.

• full: The entire payload is masked.
• partial: Only partial payload content is masked.
• clear: No masking is applied to the payload content.
• default: DLP uses its default masking behavior.

One of the following:

"full"

"partial"

"clear"

"default"

public_key: optional string

Base64-encoded public key for encrypting payload logs. Null when payload logging is disabled.

Partially update DLP account-level settings.

HTTP

HTTP

TypeScript

Python

Go

Terraform

curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/dlp/settings \
    -X PATCH \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN"

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "ai_context_analysis": true,
    "ocr": true,
    "payload_logging": {
      "updated_at": "2019-12-27T18:11:19.117Z",
      "masking_level": "full",
      "public_key": "public_key"
    }
  }
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "ai_context_analysis": true,
    "ocr": true,
    "payload_logging": {
      "updated_at": "2019-12-27T18:11:19.117Z",
      "masking_level": "full",
      "public_key": "public_key"
    }
  }
}