# Casb # Applications ## List applications `client.zeroTrust.casb.applications.list(ApplicationListParamsparams, RequestOptionsoptions?): ApplicationListResponse` **get** `/accounts/{account_id}/one/applications` Returns a list of available applications with use cases and permissions. ### Parameters - `params: ApplicationListParams` - `account_id: string` Path param: Cloudflare account identifier. - `environment?: string` Query param: Filter by supported environment (standard, fedramp). ### Returns - `ApplicationListResponse = Array` - `auth_methods: Array` Available auth methods. - `display_name: string` Human-readable auth method name. - `slug: string` Auth method identifier. - `category: string` Vendor category (e.g. Productivity, AI). - `description: string` Brief description of the integration. - `display_name: string` Human-readable vendor name. - `dlp_enabled: boolean` Whether DLP scanning is supported. - `logo: string | null` Logo path. - `permissions: Array` All permissions with severity. - `display_name: string` Human-readable permission name. - `scope: string` Vendor-native scope identifier. - `severity: "low" | "medium" | "high" | "critical"` Permission sensitivity level. * `low` - low * `medium` - medium * `high` - high * `critical` - critical - `"low"` - `"medium"` - `"high"` - `"critical"` - `slug: "BOX" | "DROPBOX" | "GITHUB" | 4 more` Vendor identifier (e.g. microsoft_internal, google_workspace). * `BOX` - BOX * `DROPBOX` - DROPBOX * `GITHUB` - GITHUB * `GOOGLE_WORKSPACE` - GOOGLE_WORKSPACE * `MICROSOFT_INTERNAL` - MICROSOFT_INTERNAL * `SALESFORCE` - SALESFORCE * `SLACK` - SLACK - `"BOX"` - `"DROPBOX"` - `"GITHUB"` - `"GOOGLE_WORKSPACE"` - `"MICROSOFT_INTERNAL"` - `"SALESFORCE"` - `"SLACK"` - `supported_environments: Array` Environments this vendor supports (standard, fedramp). - `use_cases: Array` Supported use cases. - `display_name: string` Human-readable use case name. - `slug: string` Use case identifier (e.g. casb, ces). ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const applications = await client.zeroTrust.casb.applications.list({ account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(applications); ``` #### Response ```json [ { "auth_methods": [ { "display_name": "OAuth 2.0 Admin Consent", "slug": "oauth2_standard" } ], "category": "Productivity", "description": "Monitor OneDrive, SharePoint, Teams, and Outlook.", "display_name": "Microsoft", "dlp_enabled": true, "logo": "/api/v4/accounts/12345678/casb/static/microsoft_internal.svg", "permissions": [ { "display_name": "Read all users' full profiles", "scope": "User.Read.All", "severity": "high" }, { "display_name": "Read all files", "scope": "Files.Read.All", "severity": "high" }, { "display_name": "Read and write mail", "scope": "Mail.ReadWrite", "severity": "critical" } ], "slug": "MICROSOFT_INTERNAL", "supported_environments": [ "standard", "fedramp" ], "use_cases": [ { "display_name": "Cloud Access Security Broker", "slug": "casb" }, { "display_name": "Cloud Email Security", "slug": "ces" } ] } ] ``` ## Get application details `client.zeroTrust.casb.applications.get("BOX" | "DROPBOX" | "GITHUB" | 4 moreslug, ApplicationGetParamsparams, RequestOptionsoptions?): ApplicationGetResponse` **get** `/accounts/{account_id}/one/applications/{slug}` Returns full application details including auth methods, use cases, and permissions. ### Parameters - `slug: "BOX" | "DROPBOX" | "GITHUB" | 4 more` - `"BOX"` - `"DROPBOX"` - `"GITHUB"` - `"GOOGLE_WORKSPACE"` - `"MICROSOFT_INTERNAL"` - `"SALESFORCE"` - `"SLACK"` - `params: ApplicationGetParams` - `account_id: string` Cloudflare account identifier. ### Returns - `ApplicationGetResponse` Full application detail for onboarding UI. - `auth_methods: Array` Available authentication methods. - `display_name: string` Human-readable auth method name. - `is_default: boolean` Whether this is the default auth method. - `slug: string` Auth method identifier. - `supported_environments: Array` Environments this auth method supports. - `category: string` Vendor category. - `description: string` Brief description. - `display_name: string` Human-readable vendor name. - `dlp_enabled: boolean` Whether DLP scanning is supported. - `instructions: string | null` Setup instructions for the user. - `logo: string | null` Logo path. - `slug: "BOX" | "DROPBOX" | "GITHUB" | 4 more` Vendor identifier. * `BOX` - BOX * `DROPBOX` - DROPBOX * `GITHUB` - GITHUB * `GOOGLE_WORKSPACE` - GOOGLE_WORKSPACE * `MICROSOFT_INTERNAL` - MICROSOFT_INTERNAL * `SALESFORCE` - SALESFORCE * `SLACK` - SLACK - `"BOX"` - `"DROPBOX"` - `"GITHUB"` - `"GOOGLE_WORKSPACE"` - `"MICROSOFT_INTERNAL"` - `"SALESFORCE"` - `"SLACK"` - `use_cases: Array` Use cases with full scope details. - `base_scopes: Array` Scopes always required for this use case. - `display_name: string` Human-readable permission name. - `scope: string` Vendor-native scope identifier. - `severity: "low" | "medium" | "high" | "critical"` Permission sensitivity level. * `low` - low * `medium` - medium * `high` - high * `critical` - critical - `"low"` - `"medium"` - `"high"` - `"critical"` - `description: string` Use case description. - `display_name: string` Human-readable use case name. - `features: Array` Optional features with extra scopes. - `description: string` Feature description. - `display_name: string` Human-readable feature name. - `scopes: Array` Additional scopes when feature is enabled. - `display_name: string` Human-readable permission name. - `scope: string` Vendor-native scope identifier. - `severity: "low" | "medium" | "high" | "critical"` Permission sensitivity level. * `low` - low * `medium` - medium * `high` - high * `critical` - critical - `"low"` - `"medium"` - `"high"` - `"critical"` - `slug: string` Feature identifier. - `slug: string` Use case identifier. ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const application = await client.zeroTrust.casb.applications.get('BOX', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(application.auth_methods); ``` #### Response ```json { "auth_methods": [ { "display_name": "OAuth 2.0 Admin Consent", "is_default": true, "slug": "oauth2", "supported_environments": [ "standard", "fedramp" ] } ], "category": "Productivity", "description": "Monitor OneDrive, SharePoint, Teams, and Outlook.", "display_name": "Microsoft", "dlp_enabled": true, "instructions": "You'll need a Microsoft 365 admin account with Global Admin or Application Admin role.", "logo": "/api/v4/accounts/12345678/casb/static/microsoft_internal.svg", "slug": "MICROSOFT_INTERNAL", "use_cases": [ { "base_scopes": [ { "display_name": "Read all users' full profiles", "scope": "User.Read.All", "severity": "high" }, { "display_name": "Read all files", "scope": "Files.Read.All", "severity": "high" } ], "description": "Discover and secure SaaS applications", "display_name": "Cloud Access Security Broker", "features": [ { "description": "Automatically remediate security issues", "display_name": "Auto Remediation", "scopes": [ { "display_name": "Read and write all files", "scope": "Files.ReadWrite.All", "severity": "critical" } ], "slug": "auto_remediation" } ], "slug": "casb" } ] } ``` ## Domain Types ### Application List Response - `ApplicationListResponse = Array` - `auth_methods: Array` Available auth methods. - `display_name: string` Human-readable auth method name. - `slug: string` Auth method identifier. - `category: string` Vendor category (e.g. Productivity, AI). - `description: string` Brief description of the integration. - `display_name: string` Human-readable vendor name. - `dlp_enabled: boolean` Whether DLP scanning is supported. - `logo: string | null` Logo path. - `permissions: Array` All permissions with severity. - `display_name: string` Human-readable permission name. - `scope: string` Vendor-native scope identifier. - `severity: "low" | "medium" | "high" | "critical"` Permission sensitivity level. * `low` - low * `medium` - medium * `high` - high * `critical` - critical - `"low"` - `"medium"` - `"high"` - `"critical"` - `slug: "BOX" | "DROPBOX" | "GITHUB" | 4 more` Vendor identifier (e.g. microsoft_internal, google_workspace). * `BOX` - BOX * `DROPBOX` - DROPBOX * `GITHUB` - GITHUB * `GOOGLE_WORKSPACE` - GOOGLE_WORKSPACE * `MICROSOFT_INTERNAL` - MICROSOFT_INTERNAL * `SALESFORCE` - SALESFORCE * `SLACK` - SLACK - `"BOX"` - `"DROPBOX"` - `"GITHUB"` - `"GOOGLE_WORKSPACE"` - `"MICROSOFT_INTERNAL"` - `"SALESFORCE"` - `"SLACK"` - `supported_environments: Array` Environments this vendor supports (standard, fedramp). - `use_cases: Array` Supported use cases. - `display_name: string` Human-readable use case name. - `slug: string` Use case identifier (e.g. casb, ces). ### Application Get Response - `ApplicationGetResponse` Full application detail for onboarding UI. - `auth_methods: Array` Available authentication methods. - `display_name: string` Human-readable auth method name. - `is_default: boolean` Whether this is the default auth method. - `slug: string` Auth method identifier. - `supported_environments: Array` Environments this auth method supports. - `category: string` Vendor category. - `description: string` Brief description. - `display_name: string` Human-readable vendor name. - `dlp_enabled: boolean` Whether DLP scanning is supported. - `instructions: string | null` Setup instructions for the user. - `logo: string | null` Logo path. - `slug: "BOX" | "DROPBOX" | "GITHUB" | 4 more` Vendor identifier. * `BOX` - BOX * `DROPBOX` - DROPBOX * `GITHUB` - GITHUB * `GOOGLE_WORKSPACE` - GOOGLE_WORKSPACE * `MICROSOFT_INTERNAL` - MICROSOFT_INTERNAL * `SALESFORCE` - SALESFORCE * `SLACK` - SLACK - `"BOX"` - `"DROPBOX"` - `"GITHUB"` - `"GOOGLE_WORKSPACE"` - `"MICROSOFT_INTERNAL"` - `"SALESFORCE"` - `"SLACK"` - `use_cases: Array` Use cases with full scope details. - `base_scopes: Array` Scopes always required for this use case. - `display_name: string` Human-readable permission name. - `scope: string` Vendor-native scope identifier. - `severity: "low" | "medium" | "high" | "critical"` Permission sensitivity level. * `low` - low * `medium` - medium * `high` - high * `critical` - critical - `"low"` - `"medium"` - `"high"` - `"critical"` - `description: string` Use case description. - `display_name: string` Human-readable use case name. - `features: Array` Optional features with extra scopes. - `description: string` Feature description. - `display_name: string` Human-readable feature name. - `scopes: Array` Additional scopes when feature is enabled. - `display_name: string` Human-readable permission name. - `scope: string` Vendor-native scope identifier. - `severity: "low" | "medium" | "high" | "critical"` Permission sensitivity level. * `low` - low * `medium` - medium * `high` - high * `critical` - critical - `"low"` - `"medium"` - `"high"` - `"critical"` - `slug: string` Feature identifier. - `slug: string` Use case identifier. # Setup Flows ## Get application setup flows `client.zeroTrust.casb.applications.setupFlows.list(stringslug, SetupFlowListParamsparams, RequestOptionsoptions?): SetupFlowListResponse` **get** `/accounts/{account_id}/one/applications/{slug}/setup-flows` Returns all available setup flows for the application, one per auth method. ### Parameters - `slug: string` - `params: SetupFlowListParams` - `account_id: string` Path param: Cloudflare account identifier. - `auth_method?: string` Query param: Filter by auth method slug. Get available slugs from GET /v2/applications. - `environment?: "fedramp" | "standard"` Query param: Filter by environment. - `"fedramp"` - `"standard"` ### Returns - `SetupFlowListResponse = Array` - `id: string` Setup flow identifier. - `default: boolean` Whether this is the default auth method. - `description: string` Flow description. - `name: string` Human-readable flow name. - `steps: Array` Ordered list of setup steps. - `type: "component" | "instruction" | "form_input" | "oauth_redirect"` Step type. * `component` - component * `instruction` - instruction * `form_input` - form_input * `oauth_redirect` - oauth_redirect - `"component"` - `"instruction"` - `"form_input"` - `"oauth_redirect"` - `component_id?: string | null` Component identifier (for component type). - `description?: string | null` Step description with markdown support. - `dynamic_content?: Array | null` Dynamic content blocks (for instruction/form_input). - `label: string` Display label. - `type: "copy_block" | "external_link"` Content type. * `copy_block` - copy_block * `external_link` - external_link - `"copy_block"` - `"external_link"` - `url_template?: string | null` URL template with {{ variable }} interpolation (for external_link). - `value_from?: string | null` Field path to get value from (for copy_block). - `form_fields?: Array` Form fields (for form_input). - `label: string` Human-readable field label. - `name: string` Field identifier (maps to credentials key). - `placeholder: string | null` Placeholder text. - `required: boolean` Whether field is required. - `supported_file_types: Array | null` Allowed file extensions for file_upload type. - `type: "text" | "password" | "email" | "file_upload"` Field input type. * `text` - text * `password` - password * `email` - email * `file_upload` - file_upload - `"text"` - `"password"` - `"email"` - `"file_upload"` - `is_required?: boolean` Whether step is required (for form_input). - `parameters?: Record | null` Component parameters (for component type). - `title?: string` Step title (for instruction/form_input/oauth_redirect). - `supported_environments: Array` Environments this auth method supports (standard, fedramp). - `auth_config?: AuthConfig` OAuth configuration (present for OAuth-based flows). - `authorization_url: string | null` Authorization URL for the requested environment. - `client_id: string | null` OAuth client ID. - `requires_pkce: boolean` Whether PKCE is required. - `scopes: Array` OAuth scopes to request. - `url_placeholders: Array` Placeholders in authorization URL that frontend must fill. ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const setupFlows = await client.zeroTrust.casb.applications.setupFlows.list('slug', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(setupFlows); ``` #### Response ```json [ { "default": true, "description": "Connect via a Google Cloud Service Account with Domain-Wide Delegation.", "id": "google_workspace_service_account", "name": "Google Workspace (Service Account)", "steps": [ { "component_id": "common/name_integration", "parameters": null, "type": "component" }, { "description": "In the Google Cloud Console, create a service account...", "dynamic_content": null, "title": "Create a Service Account", "type": "instruction" }, { "description": "Upload the JSON service account key file.", "dynamic_content": null, "form_fields": [ { "label": "Service Account JSON File", "name": "service_account_credentials", "placeholder": null, "required": true, "supported_file_types": [ ".json" ], "type": "file_upload" } ], "is_required": true, "title": "Upload JSON Key", "type": "form_input" }, { "description": "Navigate to your Google admin console and add the client ID.", "dynamic_content": [ { "label": "Client ID", "type": "copy_block", "value_from": "credentials.client_id" }, { "label": "OAuth Scopes", "type": "copy_block", "value_from": "required_scopes" }, { "label": "Open Domain-Wide Delegation Settings", "type": "external_link", "url_template": "https://admin.google.com/ac/owl/domainwidedelegation" } ], "title": "Delegate Domain-Wide Authority", "type": "instruction" }, { "description": "Provide the email of a Google Workspace Super Administrator.", "dynamic_content": null, "form_fields": [ { "label": "Super Administrator Email", "name": "administrator_email", "placeholder": "admin@your-domain.com", "required": true, "supported_file_types": null, "type": "email" } ], "is_required": true, "title": "Confirm Administrator Email", "type": "form_input" } ], "supported_environments": [ "standard" ] } ] ``` ## Domain Types ### Setup Flow List Response - `SetupFlowListResponse = Array` - `id: string` Setup flow identifier. - `default: boolean` Whether this is the default auth method. - `description: string` Flow description. - `name: string` Human-readable flow name. - `steps: Array` Ordered list of setup steps. - `type: "component" | "instruction" | "form_input" | "oauth_redirect"` Step type. * `component` - component * `instruction` - instruction * `form_input` - form_input * `oauth_redirect` - oauth_redirect - `"component"` - `"instruction"` - `"form_input"` - `"oauth_redirect"` - `component_id?: string | null` Component identifier (for component type). - `description?: string | null` Step description with markdown support. - `dynamic_content?: Array | null` Dynamic content blocks (for instruction/form_input). - `label: string` Display label. - `type: "copy_block" | "external_link"` Content type. * `copy_block` - copy_block * `external_link` - external_link - `"copy_block"` - `"external_link"` - `url_template?: string | null` URL template with {{ variable }} interpolation (for external_link). - `value_from?: string | null` Field path to get value from (for copy_block). - `form_fields?: Array` Form fields (for form_input). - `label: string` Human-readable field label. - `name: string` Field identifier (maps to credentials key). - `placeholder: string | null` Placeholder text. - `required: boolean` Whether field is required. - `supported_file_types: Array | null` Allowed file extensions for file_upload type. - `type: "text" | "password" | "email" | "file_upload"` Field input type. * `text` - text * `password` - password * `email` - email * `file_upload` - file_upload - `"text"` - `"password"` - `"email"` - `"file_upload"` - `is_required?: boolean` Whether step is required (for form_input). - `parameters?: Record | null` Component parameters (for component type). - `title?: string` Step title (for instruction/form_input/oauth_redirect). - `supported_environments: Array` Environments this auth method supports (standard, fedramp). - `auth_config?: AuthConfig` OAuth configuration (present for OAuth-based flows). - `authorization_url: string | null` Authorization URL for the requested environment. - `client_id: string | null` OAuth client ID. - `requires_pkce: boolean` Whether PKCE is required. - `scopes: Array` OAuth scopes to request. - `url_placeholders: Array` Placeholders in authorization URL that frontend must fill. # Integrations ## List integrations `client.zeroTrust.casb.integrations.list(IntegrationListParamsparams, RequestOptionsoptions?): IntegrationListResponse` **get** `/accounts/{account_id}/one/integrations` Returns a paginated list of integrations for the account. ### Parameters - `params: IntegrationListParams` - `account_id: string` Path param: Cloudflare account identifier. - `application?: string` Query param: Filter by application/vendor (e.g., GOOGLE_WORKSPACE, MICROSOFT_INTERNAL). - `direction?: "asc" | "desc"` Query param: Direction to order results. - `"asc"` - `"desc"` - `dlp_enabled?: boolean` Query param: Filter by DLP enabled status (true/false). - `order?: "application" | "created" | "name" | "status"` Query param: Field to order results by. - `"application"` - `"created"` - `"name"` - `"status"` - `page?: number` Query param: Page number within the paginated result set. - `page_size?: number` Query param: Number of results per page. - `search?: string` Query param: Search integrations by name or application. - `status?: "Healthy" | "Initializing" | "Offline" | "Unhealthy"` Query param: Filter by integration status. - `"Healthy"` - `"Initializing"` - `"Offline"` - `"Unhealthy"` - `use_cases?: string` Query param: Filter by enabled use cases (e.g., casb, ces). Matches integrations enrolled in any of the specified values. Can be specified multiple times. ### Returns - `IntegrationListResponse = unknown` ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const integrations = await client.zeroTrust.casb.integrations.list({ account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(integrations); ``` #### Response ```json { "errors": [], "messages": [], "result": [ { "application": { "category": "Productivity", "display_name": "Google Workspace", "logo": "https://onprem.cloudflare.com/static/google_workspace.png" }, "created": "2025-01-15T10:00:00Z", "id": "019d2e6a-d995-7185-afbd-4feead9e42ec", "is_paused": false, "name": "My Google Workspace", "status": "Healthy", "updated": "2025-04-10T08:30:00Z" } ], "result_info": { "count": 1, "next": null, "page": 1, "per_page": 10, "previous": null, "total_count": 1 }, "success": true } ``` ## Get integration details `client.zeroTrust.casb.integrations.get(stringid, IntegrationGetParamsparams, RequestOptionsoptions?): IntegrationGetResponse` **get** `/accounts/{account_id}/one/integrations/{id}` Returns full integration details including use cases and permissions. ### Parameters - `id: string` - `params: IntegrationGetParams` - `account_id: string` Cloudflare account identifier. ### Returns - `IntegrationGetResponse` Serializer for v2 integration detail response with use cases. - `id: string` Integration ID. - `application: Record` - `auth_method: Record | null` The integration's authentication method. - `authorization_link: AuthorizationLink | null` Authorization link for the integration. - `components: Record | null` - `link: string | null` - `created: string` When the integration was created. - `credentials_expiry: string` Credentials expiry time. - `dlp_profiles: Array` DLP Profiles enabled for the integration. - `health_details: Array>` Health details with remediation hints. - `is_paused: boolean` Whether the user paused the integration. - `last_hydrated: string` Last time the integration was hydrated. - `name: string` Name of the integration. - `organization_id: number` Organization ID. - `status: string` Integration status. - `updated: string` When the integration was last updated. - `use_cases: Array>` Use cases enabled for the integration. ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const integration = await client.zeroTrust.casb.integrations.get('id', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(integration.id); ``` #### Response ```json { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "application": { "foo": "string" }, "auth_method": { "foo": "string" }, "authorization_link": { "components": { "foo": "bar" }, "link": "link" }, "created": "2019-12-27T18:11:19.117Z", "credentials_expiry": "2019-12-27T18:11:19.117Z", "dlp_profiles": [ "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e" ], "health_details": [ { "foo": "bar" } ], "is_paused": true, "last_hydrated": "2019-12-27T18:11:19.117Z", "name": "name", "organization_id": 0, "status": "status", "updated": "2019-12-27T18:11:19.117Z", "use_cases": [ { "foo": "bar" } ] } ``` ## Create integration `client.zeroTrust.casb.integrations.create(IntegrationCreateParamsparams, RequestOptionsoptions?): IntegrationCreateResponse` **post** `/accounts/{account_id}/one/integrations` Creates a new integration for the specified application. Integration creation with OAuth is not supported by API at the moment. For other auth methods, use `GET /v2/applications/{slug}/credential-guide` to see the required credential structure and example payloads for each vendor. ### Parameters - `params: IntegrationCreateParams` - `account_id: string` Path param: Cloudflare account identifier. - `application: "BOX" | "DROPBOX" | "GITHUB" | 4 more` Body param: Vendor/application slug (e.g., GOOGLE_WORKSPACE). * `BOX` - BOX * `DROPBOX` - DROPBOX * `GITHUB` - GITHUB * `GOOGLE_WORKSPACE` - GOOGLE_WORKSPACE * `MICROSOFT_INTERNAL` - MICROSOFT_INTERNAL * `SALESFORCE` - SALESFORCE * `SLACK` - SLACK - `"BOX"` - `"DROPBOX"` - `"GITHUB"` - `"GOOGLE_WORKSPACE"` - `"MICROSOFT_INTERNAL"` - `"SALESFORCE"` - `"SLACK"` - `credentials: Record` Body param: Credentials for the integration. - `name: string` Body param: Name of the integration. - `auth_method?: string | null` Body param: Authentication method slug (uses default if omitted). - `dlp_profiles?: Array` Body param: List of DLP profile IDs to associate. - `permissions?: Array` Body param: List of permission scopes (uses policy defaults if empty). - `use_cases?: Array<"casb" | "ces" | "auto_remediation">` Body param: List of use case or feature slugs to enroll (e.g., ['casb', 'ces', 'auto_remediation']). - `"casb"` - `"ces"` - `"auto_remediation"` ### Returns - `IntegrationCreateResponse` Serializer for v2 integration detail response with use cases. - `id: string` Integration ID. - `application: Record` - `auth_method: Record | null` The integration's authentication method. - `authorization_link: AuthorizationLink | null` Authorization link for the integration. - `components: Record | null` - `link: string | null` - `created: string` When the integration was created. - `credentials_expiry: string` Credentials expiry time. - `dlp_profiles: Array` DLP Profiles enabled for the integration. - `health_details: Array>` Health details with remediation hints. - `is_paused: boolean` Whether the user paused the integration. - `last_hydrated: string` Last time the integration was hydrated. - `name: string` Name of the integration. - `organization_id: number` Organization ID. - `status: string` Integration status. - `updated: string` When the integration was last updated. - `use_cases: Array>` Use cases enabled for the integration. ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const integration = await client.zeroTrust.casb.integrations.create({ account_id: '023e105f4ecef8ad9ca31a8372d0c353', application: 'GOOGLE_WORKSPACE', credentials: { admin_email: 'admin@corp.com' }, name: 'My Google Workspace', auth_method: 'service_account', dlp_profiles: ['e91a2360-da51-4fdf-9711-bcdecd462614'], permissions: ['https://www.googleapis.com/auth/drive.readonly'], use_cases: ['casb', 'ces'], }); console.log(integration.id); ``` #### Response ```json { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "application": { "foo": "string" }, "auth_method": { "foo": "string" }, "authorization_link": { "components": { "foo": "bar" }, "link": "link" }, "created": "2019-12-27T18:11:19.117Z", "credentials_expiry": "2019-12-27T18:11:19.117Z", "dlp_profiles": [ "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e" ], "health_details": [ { "foo": "bar" } ], "is_paused": true, "last_hydrated": "2019-12-27T18:11:19.117Z", "name": "name", "organization_id": 0, "status": "status", "updated": "2019-12-27T18:11:19.117Z", "use_cases": [ { "foo": "bar" } ] } ``` ## Update integration `client.zeroTrust.casb.integrations.update(stringid, IntegrationUpdateParamsparams, RequestOptionsoptions?): IntegrationUpdateResponse` **patch** `/accounts/{account_id}/one/integrations/{id}` Updates an integration's name, permissions, DLP profiles, use cases, or credentials. ### Parameters - `id: string` - `params: IntegrationUpdateParams` - `account_id: string` Path param: Cloudflare account identifier. - `credentials?: Record` Body param: Partial credential fields to merge with existing. - `dlp_profiles?: Array` Body param: List of DLP profile IDs to associate with the integration. - `name?: string` Body param: Name of the integration. - `permissions?: Array` Body param: List of permission scopes granted to the integration. - `use_cases?: Array<"casb" | "ces" | "auto_remediation">` Body param: List of use case or feature slugs to enroll (e.g., ['casb', 'ces', 'auto_remediation']). - `"casb"` - `"ces"` - `"auto_remediation"` ### Returns - `IntegrationUpdateResponse` Serializer for v2 integration detail response with use cases. - `id: string` Integration ID. - `application: Record` - `auth_method: Record | null` The integration's authentication method. - `authorization_link: AuthorizationLink | null` Authorization link for the integration. - `components: Record | null` - `link: string | null` - `created: string` When the integration was created. - `credentials_expiry: string` Credentials expiry time. - `dlp_profiles: Array` DLP Profiles enabled for the integration. - `health_details: Array>` Health details with remediation hints. - `is_paused: boolean` Whether the user paused the integration. - `last_hydrated: string` Last time the integration was hydrated. - `name: string` Name of the integration. - `organization_id: number` Organization ID. - `status: string` Integration status. - `updated: string` When the integration was last updated. - `use_cases: Array>` Use cases enabled for the integration. ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const integration = await client.zeroTrust.casb.integrations.update('id', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', credentials: { access_token: 'new_access_token', refresh_token: 'new_refresh_token' }, }); console.log(integration.id); ``` #### Response ```json { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "application": { "foo": "string" }, "auth_method": { "foo": "string" }, "authorization_link": { "components": { "foo": "bar" }, "link": "link" }, "created": "2019-12-27T18:11:19.117Z", "credentials_expiry": "2019-12-27T18:11:19.117Z", "dlp_profiles": [ "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e" ], "health_details": [ { "foo": "bar" } ], "is_paused": true, "last_hydrated": "2019-12-27T18:11:19.117Z", "name": "name", "organization_id": 0, "status": "status", "updated": "2019-12-27T18:11:19.117Z", "use_cases": [ { "foo": "bar" } ] } ``` ## Delete integration `client.zeroTrust.casb.integrations.delete(stringid, IntegrationDeleteParamsparams, RequestOptionsoptions?): void` **delete** `/accounts/{account_id}/one/integrations/{id}` Delete an integration by soft-deleting it. ### Parameters - `id: string` - `params: IntegrationDeleteParams` - `account_id: string` Cloudflare account identifier. ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); await client.zeroTrust.casb.integrations.delete('id', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); ``` ## Pause integration `client.zeroTrust.casb.integrations.pause(stringid, IntegrationPauseParamsparams, RequestOptionsoptions?): IntegrationPauseResponse` **post** `/accounts/{account_id}/one/integrations/{id}/pause` Pauses an integration, stopping all crawlers. ### Parameters - `id: string` - `params: IntegrationPauseParams` - `account_id: string` Cloudflare account identifier. ### Returns - `IntegrationPauseResponse` Serializer for v2 integration detail response with use cases. - `id: string` Integration ID. - `application: Record` - `auth_method: Record | null` The integration's authentication method. - `authorization_link: AuthorizationLink | null` Authorization link for the integration. - `components: Record | null` - `link: string | null` - `created: string` When the integration was created. - `credentials_expiry: string` Credentials expiry time. - `dlp_profiles: Array` DLP Profiles enabled for the integration. - `health_details: Array>` Health details with remediation hints. - `is_paused: boolean` Whether the user paused the integration. - `last_hydrated: string` Last time the integration was hydrated. - `name: string` Name of the integration. - `organization_id: number` Organization ID. - `status: string` Integration status. - `updated: string` When the integration was last updated. - `use_cases: Array>` Use cases enabled for the integration. ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const response = await client.zeroTrust.casb.integrations.pause('id', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(response.id); ``` #### Response ```json { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "application": { "foo": "string" }, "auth_method": { "foo": "string" }, "authorization_link": { "components": { "foo": "bar" }, "link": "link" }, "created": "2019-12-27T18:11:19.117Z", "credentials_expiry": "2019-12-27T18:11:19.117Z", "dlp_profiles": [ "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e" ], "health_details": [ { "foo": "bar" } ], "is_paused": true, "last_hydrated": "2019-12-27T18:11:19.117Z", "name": "name", "organization_id": 0, "status": "status", "updated": "2019-12-27T18:11:19.117Z", "use_cases": [ { "foo": "bar" } ] } ``` ## Resume integration `client.zeroTrust.casb.integrations.resume(stringid, IntegrationResumeParamsparams, RequestOptionsoptions?): IntegrationResumeResponse` **post** `/accounts/{account_id}/one/integrations/{id}/resume` Resumes a paused integration, restarting crawlers. ### Parameters - `id: string` - `params: IntegrationResumeParams` - `account_id: string` Cloudflare account identifier. ### Returns - `IntegrationResumeResponse` Serializer for v2 integration detail response with use cases. - `id: string` Integration ID. - `application: Record` - `auth_method: Record | null` The integration's authentication method. - `authorization_link: AuthorizationLink | null` Authorization link for the integration. - `components: Record | null` - `link: string | null` - `created: string` When the integration was created. - `credentials_expiry: string` Credentials expiry time. - `dlp_profiles: Array` DLP Profiles enabled for the integration. - `health_details: Array>` Health details with remediation hints. - `is_paused: boolean` Whether the user paused the integration. - `last_hydrated: string` Last time the integration was hydrated. - `name: string` Name of the integration. - `organization_id: number` Organization ID. - `status: string` Integration status. - `updated: string` When the integration was last updated. - `use_cases: Array>` Use cases enabled for the integration. ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const response = await client.zeroTrust.casb.integrations.resume('id', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(response.id); ``` #### Response ```json { "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "application": { "foo": "string" }, "auth_method": { "foo": "string" }, "authorization_link": { "components": { "foo": "bar" }, "link": "link" }, "created": "2019-12-27T18:11:19.117Z", "credentials_expiry": "2019-12-27T18:11:19.117Z", "dlp_profiles": [ "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e" ], "health_details": [ { "foo": "bar" } ], "is_paused": true, "last_hydrated": "2019-12-27T18:11:19.117Z", "name": "name", "organization_id": 0, "status": "status", "updated": "2019-12-27T18:11:19.117Z", "use_cases": [ { "foo": "bar" } ] } ``` ## Domain Types ### Integration List Response - `IntegrationListResponse = unknown` ### Integration Get Response - `IntegrationGetResponse` Serializer for v2 integration detail response with use cases. - `id: string` Integration ID. - `application: Record` - `auth_method: Record | null` The integration's authentication method. - `authorization_link: AuthorizationLink | null` Authorization link for the integration. - `components: Record | null` - `link: string | null` - `created: string` When the integration was created. - `credentials_expiry: string` Credentials expiry time. - `dlp_profiles: Array` DLP Profiles enabled for the integration. - `health_details: Array>` Health details with remediation hints. - `is_paused: boolean` Whether the user paused the integration. - `last_hydrated: string` Last time the integration was hydrated. - `name: string` Name of the integration. - `organization_id: number` Organization ID. - `status: string` Integration status. - `updated: string` When the integration was last updated. - `use_cases: Array>` Use cases enabled for the integration. ### Integration Create Response - `IntegrationCreateResponse` Serializer for v2 integration detail response with use cases. - `id: string` Integration ID. - `application: Record` - `auth_method: Record | null` The integration's authentication method. - `authorization_link: AuthorizationLink | null` Authorization link for the integration. - `components: Record | null` - `link: string | null` - `created: string` When the integration was created. - `credentials_expiry: string` Credentials expiry time. - `dlp_profiles: Array` DLP Profiles enabled for the integration. - `health_details: Array>` Health details with remediation hints. - `is_paused: boolean` Whether the user paused the integration. - `last_hydrated: string` Last time the integration was hydrated. - `name: string` Name of the integration. - `organization_id: number` Organization ID. - `status: string` Integration status. - `updated: string` When the integration was last updated. - `use_cases: Array>` Use cases enabled for the integration. ### Integration Update Response - `IntegrationUpdateResponse` Serializer for v2 integration detail response with use cases. - `id: string` Integration ID. - `application: Record` - `auth_method: Record | null` The integration's authentication method. - `authorization_link: AuthorizationLink | null` Authorization link for the integration. - `components: Record | null` - `link: string | null` - `created: string` When the integration was created. - `credentials_expiry: string` Credentials expiry time. - `dlp_profiles: Array` DLP Profiles enabled for the integration. - `health_details: Array>` Health details with remediation hints. - `is_paused: boolean` Whether the user paused the integration. - `last_hydrated: string` Last time the integration was hydrated. - `name: string` Name of the integration. - `organization_id: number` Organization ID. - `status: string` Integration status. - `updated: string` When the integration was last updated. - `use_cases: Array>` Use cases enabled for the integration. ### Integration Pause Response - `IntegrationPauseResponse` Serializer for v2 integration detail response with use cases. - `id: string` Integration ID. - `application: Record` - `auth_method: Record | null` The integration's authentication method. - `authorization_link: AuthorizationLink | null` Authorization link for the integration. - `components: Record | null` - `link: string | null` - `created: string` When the integration was created. - `credentials_expiry: string` Credentials expiry time. - `dlp_profiles: Array` DLP Profiles enabled for the integration. - `health_details: Array>` Health details with remediation hints. - `is_paused: boolean` Whether the user paused the integration. - `last_hydrated: string` Last time the integration was hydrated. - `name: string` Name of the integration. - `organization_id: number` Organization ID. - `status: string` Integration status. - `updated: string` When the integration was last updated. - `use_cases: Array>` Use cases enabled for the integration. ### Integration Resume Response - `IntegrationResumeResponse` Serializer for v2 integration detail response with use cases. - `id: string` Integration ID. - `application: Record` - `auth_method: Record | null` The integration's authentication method. - `authorization_link: AuthorizationLink | null` Authorization link for the integration. - `components: Record | null` - `link: string | null` - `created: string` When the integration was created. - `credentials_expiry: string` Credentials expiry time. - `dlp_profiles: Array` DLP Profiles enabled for the integration. - `health_details: Array>` Health details with remediation hints. - `is_paused: boolean` Whether the user paused the integration. - `last_hydrated: string` Last time the integration was hydrated. - `name: string` Name of the integration. - `organization_id: number` Organization ID. - `status: string` Integration status. - `updated: string` When the integration was last updated. - `use_cases: Array>` Use cases enabled for the integration.