--- title: Label operations description: Use labels to describe the application use case for Web Assets operations. image: https://developers.cloudflare.com/cf-twitter-card.png --- > Documentation Index > Fetch the complete documentation index at: https://developers.cloudflare.com/security/llms.txt > Use this file to discover all available pages before exploring further. [Skip to content](#%5Ftop) # Label operations Labels add use-case context to operations. Security detections can use labels to extend relevant focus on traffic with a specific application use case. ## Managed labels Cloudflare defines managed labels. They identify common operation types, such as login flows, sign-up flows, and AI-powered operations. Some managed labels can be discovered automatically. Automatic discovery currently applies only to selected managed labels and selected plans. The following managed labels are available: | Label | Description | | ----------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | | cf-api-endpoint | Operations that serve machine-readable data or facilitate programmatic interaction. | | cf-llm | Operations that receive requests for services powered by Large Language Models (LLMs). | | cf-mcp | Operations that implement the [Model Context Protocol (MCP)](https://developers.cloudflare.com/agents/model-context-protocol/) for AI tool and data access. | | cf-contains-ads | Operations that serve web pages containing advertisements. | | cf-log-in | Operations that accept user credentials. | | cf-sign-up | Operations that create user accounts. | | cf-content | Operations that provide unique content, such as product details, reviews, or pricing. | | cf-purchase | Operations that complete a purchase. | | cf-password-reset | Operations that participate in password reset flows. | | cf-add-cart | Operations that add items to a cart or verify item availability. | | cf-add-payment | Operations that accept credit card or bank account details. | | cf-check-value | Operations that check rewards points, in-game currency, or other stored value. | | cf-add-post | Operations that post messages, reviews, or similar user-generated content. | | cf-account-update | Operations that update user account or profile details. | | cf-rss-feed | Operations that expect traffic from RSS clients. | | cf-web-page | Operations that serve HTML pages. | Note [Bot Fight Mode](https://developers.cloudflare.com/bots/get-started/bot-fight-mode/) will not block requests to operations labeled as `cf-rss-feed`. [Super Bot Fight Mode rules](https://developers.cloudflare.com/bots/get-started/super-bot-fight-mode/#ruleset-engine) will not match or challenge requests labeled as `cf-rss-feed`. ## Available detections Some detections use labels to decide which operations to inspect. The following detections can use operation labels: | Label | Related detection | | ---------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | cf-llm | [AI Security for Apps](https://developers.cloudflare.com/waf/detections/ai-security-for-apps/) | | cf-log-in | [Leaked credentials detection](https://developers.cloudflare.com/waf/detections/leaked-credentials/) and [account abuse protection](https://developers.cloudflare.com/bots/account-abuse-protection/) | | cf-sign-up | [Account abuse protection](https://developers.cloudflare.com/bots/account-abuse-protection/) | Some detections may still require product-specific configuration. For an end-to-end workflow, refer to [Define security protections](https://developers.cloudflare.com/security/web-assets/define-security-protections/). ## Custom labels Custom labels help you organize operations by owner, application, environment, and business flow. ## Apply labels Apply labels to operations from Web Assets. 1. In the Cloudflare dashboard, go to the **Web Assets** page. [ Go to **Web assets** ](https://dash.cloudflare.com/?to=/:account/:zone/security/web-assets) 2. Select the operation that you want to label. 3. Select **Edit labels**. 4. Select the managed or custom labels to apply. 5. Select **Save labels**. ## Use labels in analytics and logs You can review matched operations and managed labels in Security Analytics. You can also query or export this data. ### GraphQL Analytics API You can query matched operation and managed label data using the [GraphQL Analytics API](https://developers.cloudflare.com/analytics/graphql-api/). The `webAssetsOperationId` and `webAssetsLabelsManaged` fields are available in the `httpRequestsAdaptive` and `httpRequestsAdaptiveGroups` datasets. `webAssetsLabelsManaged` returns at most 10 labels per request. The following query returns request counts by operation ID and managed label set for traffic carrying the `cf-llm` managed label: ``` query GetAdaptiveGroups($zoneTag: string, $start: DateTime!, $end: DateTime!) { viewer { zones(filter: { zoneTag: $zoneTag }) { httpRequestsAdaptiveGroups( filter: { datetime_geq: $start datetime_leq: $end requestSource: "eyeball" webAssetsLabelsManaged_hasany: ["cf-llm"] } limit: 25 orderBy: [count_DESC] ) { count dimensions { webAssetsOperationId webAssetsLabelsManaged } } } }} ``` Replace `cf-llm` with another [managed label](#managed-labels). You can also use `webAssetsOperationId` as the only dimension to group traffic by matched operation. ### Logpush You can export per-request Web Assets data to your storage or SIEM system using [Logpush](https://developers.cloudflare.com/logs/logpush/). The `WebAssetsOperationID` and `WebAssetsLabelsManaged` fields are available in the [HTTP requests dataset](https://developers.cloudflare.com/logs/logpush/logpush-job/datasets/zone/http%5Frequests/#webassetslabelsmanaged/). ```json {"@context":"https://schema.org","@type":"TechArticle","@id":"https://developers.cloudflare.com/security/web-assets/label-operations/#page","headline":"Label operations ยท Security dashboard docs","description":"Use labels to describe the application use case for Web Assets operations.","url":"https://developers.cloudflare.com/security/web-assets/label-operations/","inLanguage":"en","image":"https://developers.cloudflare.com/cf-twitter-card.png","dateModified":"2026-06-26","publisher":{"@type":"Organization","name":"Cloudflare","url":"https://www.cloudflare.com/"},"isPartOf":{"@type":"WebSite","@id":"https://developers.cloudflare.com/#website","name":"Cloudflare Docs","url":"https://developers.cloudflare.com/"},"keywords":["GraphQL"]} {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/security/","name":"Security dashboard"}},{"@type":"ListItem","position":3,"item":{"@id":"/security/web-assets/","name":"Web Assets"}},{"@type":"ListItem","position":4,"item":{"@id":"/security/web-assets/label-operations/","name":"Label operations"}}]} ```