API request
APIRequest is used 370 times on 169 pages.
Pages which use APIRequest
Pages
- /aegis/setup/ - Source
- /ai-gateway/evaluations/add-human-feedback-api/ - Source
- /byoip/address-maps/setup/ - Source
- /byoip/service-bindings/cdn-and-spectrum/ - Source
- /cache/advanced-configuration/cache-reserve/ - Source
- /cache/advanced-configuration/vary-for-images/ - Source
- /cache/how-to/cache-rules/create-api/ - Source
- /cache/how-to/purge-cache/purge-cache-key/ - Source
- /cache/how-to/tiered-cache/ - Source
- /china-network/reference/infrastructure/ - Source
- /cloudflare-for-platforms/cloudflare-for-saas/domain-support/custom-metadata/ - Source
- /cloudflare-for-platforms/cloudflare-for-saas/performance/early-hints-for-saas/ - Source
- /cloudflare-for-platforms/cloudflare-for-saas/security/waf-for-saas/index/ - Source
- /cloudflare-one/applications/configure-apps/dash-sso-apps/ - Source
- /cloudflare-one/connections/connect-devices/warp/configure-warp/device-profiles/ - Source
- /cloudflare-one/connections/connect-devices/warp/configure-warp/warp-modes/device-information-only/ - Source
- /cloudflare-one/connections/connect-networks/configure-tunnels/remote-tunnel-permissions/ - Source
- /cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel-api/ - Source
- /cloudflare-one/connections/connect-networks/use-cases/ssh/ssh-infrastructure-access/ - Source
- /cloudflare-one/identity/idp-integration/entra-id/ - Source
- /cloudflare-one/identity/idp-integration/generic-oidc/ - Source
- /cloudflare-one/identity/one-time-pin/ - Source
- /cloudflare-one/identity/service-tokens/ - Source
- /cloudflare-one/insights/logs/audit-logs/ - Source
- /cloudflare-one/policies/access/policy-management/ - Source
- /cloudflare-one/tutorials/user-selectable-egress-ips/ - Source
- /data-localization/metadata-boundary/get-started/ - Source
- /data-localization/regional-services/get-started/ - Source
- /dns/dns-firewall/random-prefix-attacks/setup/ - Source
- /dns/dnssec/dnssec-active-migration/ - Source
- /dns/dnssec/enable-nsec3/ - Source
- /dns/dnssec/multi-signer-dnssec/setup/ - Source
- /dns/foundation-dns/setup/ - Source
- /dns/manage-dns-records/how-to/import-and-export/ - Source
- /dns/manage-dns-records/reference/dns-record-types/ - Source
- /dns/nameservers/custom-nameservers/tenant-custom-nameservers/ - Source
- /dns/zone-setups/zone-transfers/cloudflare-as-primary/dnssec-for-primary/ - Source
- /dns/zone-setups/zone-transfers/cloudflare-as-primary/setup/ - Source
- /dns/zone-setups/zone-transfers/cloudflare-as-secondary/dnssec-for-secondary/ - Source
- /dns/zone-setups/zone-transfers/cloudflare-as-secondary/proxy-traffic/ - Source
- /load-balancing/private-network/tunnels-setup/ - Source
- /load-balancing/reference/migration-guides/health-monitor-notifications/ - Source
- /logs/get-started/api-configuration/ - Source
- /logs/get-started/enable-destinations/datadog/ - Source
- /logs/get-started/enable-destinations/elastic/ - Source
- /logs/get-started/enable-destinations/http/ - Source
- /logs/get-started/enable-destinations/ibm-cloud-logs/ - Source
- /logs/get-started/enable-destinations/ibm-qradar/ - Source
- /logs/get-started/enable-destinations/new-relic/ - Source
- /logs/get-started/enable-destinations/r2/ - Source
- /logs/get-started/enable-destinations/s3-compatible-endpoints/ - Source
- /logs/get-started/enable-destinations/splunk/ - Source
- /logs/instant-logs/ - Source
- /logs/reference/custom-fields/ - Source
- /logs/reference/filters/ - Source
- /logs/tutorials/examples/example-logpush-curl/ - Source
- /magic-network-monitoring/get-started/ - Source
- /magic-network-monitoring/tutorials/encrypt-network-flow-data/ - Source
- /magic-wan/configuration/connector/network-options/dhcp/dhcp-relay/ - Source
- /magic-wan/configuration/connector/network-options/dhcp/dhcp-server/ - Source
- /magic-wan/configuration/connector/network-options/dhcp/dhcp-static-address-reservation/ - Source
- /magic-wan/configuration/connector/network-options/network-segmentation/ - Source
- /page-shield/reference/page-shield-api/ - Source
- /pages/configuration/api/ - Source
- /rules/cloud-connector/create-api/ - Source
- /rules/compression-rules/examples/disable-all-brotli/ - Source
- /rules/compression-rules/examples/disable-compression-avif/ - Source
- /rules/compression-rules/examples/enable-zstandard/ - Source
- /rules/compression-rules/examples/gzip-for-csv/ - Source
- /rules/compression-rules/examples/only-brotli-url-path/ - Source
- /rules/configuration-rules/create-api/ - Source
- /rules/custom-errors/api-calls/ - Source
- /rules/custom-errors/create-rules/ - Source
- /rules/custom-errors/example-rules/ - Source
- /rules/origin-rules/create-api/ - Source
- /rules/snippets/create-api/ - Source
- /rules/transform/managed-transforms/configure/ - Source
- /rules/transform/request-header-modification/create-api/ - Source
- /rules/transform/response-header-modification/create-api/ - Source
- /rules/transform/url-rewrite/create-api/ - Source
- /rules/url-forwarding/bulk-redirects/create-api/ - Source
- /rules/url-forwarding/single-redirects/create-api/ - Source
- /ruleset-engine/basic-operations/add-rule-phase-rulesets/ - Source
- /ruleset-engine/basic-operations/deploy-rulesets/ - Source
- /ruleset-engine/basic-operations/view-rulesets/ - Source
- /ruleset-engine/custom-rulesets/add-rules-ruleset/ - Source
- /ruleset-engine/custom-rulesets/create-custom-ruleset/ - Source
- /ruleset-engine/custom-rulesets/deploy-custom-ruleset/ - Source
- /ruleset-engine/managed-rulesets/override-examples/deploy-cmr-joomla-only/ - Source
- /ruleset-engine/managed-rulesets/override-examples/deploy-cmr-wordpress-block/ - Source
- /ruleset-engine/managed-rulesets/override-examples/enable-selected-rules/ - Source
- /ruleset-engine/managed-rulesets/override-examples/override-ddos-rule-sensitivity/ - Source
- /ruleset-engine/managed-rulesets/override-examples/override-ruleset-tag-rule/ - Source
- /ruleset-engine/managed-rulesets/override-managed-ruleset/ - Source
- /ruleset-engine/rulesets-api/add-rule/ - Source
- /ruleset-engine/rulesets-api/create/ - Source
- /ruleset-engine/rulesets-api/delete-rule/ - Source
- /ruleset-engine/rulesets-api/delete/ - Source
- /ruleset-engine/rulesets-api/update-rule/ - Source
- /ruleset-engine/rulesets-api/update/ - Source
- /ruleset-engine/rulesets-api/view/ - Source
- /secrets-store/integrations/workers/ - Source
- /secrets-store/manage-secrets/how-to/ - Source
- /spectrum/about/byoip/ - Source
- /spectrum/about/static-ip/ - Source
- /spectrum/get-started/ - Source
- /spectrum/reference/analytics/ - Source
- /speed/optimization/content/speed-brain/ - Source
- /speed/optimization/protocol/http2-to-origin/ - Source
- /ssl/client-certificates/byo-ca/ - Source
- /ssl/edge-certificates/additional-options/cipher-suites/customize-cipher-suites/api/ - Source
- /ssl/edge-certificates/additional-options/minimum-tls/ - Source
- /ssl/edge-certificates/geokey-manager/setup/ - Source
- /ssl/origin-configuration/authenticated-origin-pull/aws-alb-integration/ - Source
- /ssl/origin-configuration/authenticated-origin-pull/set-up/manage-certificates/ - Source
- /ssl/origin-configuration/ssl-modes/index/ - Source
- /ssl/post-quantum-cryptography/pqc-to-origin/ - Source
- /waf/account/custom-rulesets/create-api/ - Source
- /waf/account/managed-rulesets/index/ - Source
- /waf/account/rate-limiting-rulesets/create-api/ - Source
- /waf/custom-rules/create-api/ - Source
- /waf/custom-rules/skip/api-examples/ - Source
- /waf/detections/leaked-credentials/api-calls/ - Source
- /waf/detections/leaked-credentials/get-started/ - Source
- /waf/detections/malicious-uploads/api-calls/ - Source
- /waf/detections/malicious-uploads/get-started/ - Source
- /waf/managed-rules/check-for-exposed-credentials/configure-api/ - Source
- /waf/managed-rules/payload-logging/configure-api/ - Source
- /waf/managed-rules/reference/exposed-credentials-check/ - Source
- /waf/managed-rules/reference/owasp-core-ruleset/configure-api/ - Source
- /waf/managed-rules/reference/sensitive-data-detection/ - Source
- /waf/managed-rules/waf-exceptions/define-api/ - Source
- /waf/rate-limiting-rules/create-api/ - Source
- /waf/tools/user-agent-blocking/ - Source
- /waf/tools/zone-lockdown/ - Source
- /waiting-room/additional-options/embed-waiting-room-in-iframe/ - Source
- /waiting-room/additional-options/waiting-room-rules/bypass-rules/ - Source
- /waiting-room/how-to/create-waiting-room/ - Source
- /waiting-room/how-to/customize-waiting-room/ - Source
- /waiting-room/how-to/edit-delete-waiting-room/ - Source
- /waiting-room/how-to/monitor-waiting-room/ - Source
- /workers-ai/features/fine-tunes/loras/ - Source
- /workers-ai/features/fine-tunes/public-loras/ - Source
Partials
- src/content/partials/byoip/service-bindings-account-info.mdx
- src/content/partials/byoip/service-bindings-create-binding.mdx
- src/content/partials/cloudflare-one/access/add-infrastructure-app.mdx
- src/content/partials/cloudflare-one/access/add-target.mdx
- src/content/partials/cloudflare-one/access/rule-group.mdx
- src/content/partials/cloudflare-one/ssh/ssh-proxy-ca.mdx
- src/content/partials/cloudflare-one/upload-mtls-cert.mdx
- src/content/partials/dns/add-mx-records.mdx
- src/content/partials/dns/internal-reference-zone-api.mdx
- src/content/partials/dns/internal-zone-create-api.mdx
- src/content/partials/load-balancing/load-balancer-create-api.mdx
- src/content/partials/load-balancing/monitor-create-api.mdx
- src/content/partials/load-balancing/pool-create-api.mdx
- src/content/partials/logs/check-log-retention.mdx
- src/content/partials/logs/disable-log-retention.mdx
- src/content/partials/logs/enable-log-retention.mdx
- src/content/partials/networking-services/mconn/app-aware-policies/breakout-prioritized.mdx
- src/content/partials/networking-services/routing/configure-routes.mdx
- src/content/partials/networking-services/routing/configure-tunnels.mdx
- src/content/partials/rules/origin-rules-api-change-host-header-dns-record.mdx
- src/content/partials/rules/origin-rules-api-change-port.mdx
- src/content/partials/spectrum/spectrum-with-load-balancer-api.mdx
- src/content/partials/ssl/forward-client-certificate.mdx
- src/content/partials/waf/leaked-credentials-detection-enable.mdx
- src/content/partials/waf/managed-rulesets/api-account-example.mdx
- src/content/partials/waf/managed-rulesets/api-zone-example.mdx
import { APIRequest } from "~/components";Required API token permissions
At least one of the following token permissions
is required:
Domain API Gateway
curl "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/api_gateway/settings/schema_validation" \ --request PUT \ --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ --json '{ "validation_default_mitigation_action": "block" }'Required API token permissions
At least one of the following token permissions
is required:
SSL and Certificates Write
curl "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/hostnames/settings/ciphers/$HOSTNAME" \ --request DELETE \ --header "X-Auth-Email: $CLOUDFLARE_EMAIL" \ --header "X-Auth-Key: $CLOUDFLARE_API_KEY"Required API token permissions
At least one of the following token permissions
is required:
Images Write
curl "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/images/v2/direct_upload" \ --request POST \ --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ --form "requireSignedURLs=true" \ --form "metadata={\"key\":\"value\"}"Required API token permissions
At least one of the following token permissions
is required:
Cloud Connector Write
curl "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/cloud_connector/rules" \ --request PUT \ --header "X-Auth-Email: $CLOUDFLARE_EMAIL" \ --header "X-Auth-Key: $CLOUDFLARE_API_KEY" \ --json '[ { "expression": "http.request.uri.path wildcard \"/images/*\"", "provider": "cloudflare_r2", "description": "Connect to R2 bucket containing images", "parameters": { "host": "mybucketcustomdomain.example.com" } } ]'Required API token permissions
At least one of the following token permissions
is required:
Page ShieldDomain Page Shield ReadDomain Page ShieldPage Shield ReadZone Settings WriteZone Settings Read
curl "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/page_shield/scripts?direction=asc" \ --request GET \ --header "X-Auth-Email: $CLOUDFLARE_EMAIL" \ --header "X-Auth-Key: $CLOUDFLARE_API_KEY"import { APIRequest } from "~/components";
<APIRequest path="/zones/{zone_id}/api_gateway/settings/schema_validation" method="PUT" json={{ validation_default_mitigation_action: "block", }} code={{ mark: [5, "block"], }} roles="Domain"/>
<APIRequest path="/zones/{zone_id}/hostnames/settings/{setting_id}/{hostname}" method="DELETE" parameters={{ setting_id: "ciphers", }}/>
<APIRequest path="/accounts/{account_id}/images/v2/direct_upload" method="POST" form={{ requireSignedURLs: true, metadata: '{"key":"value"}', }}/>
<APIRequest path="/zones/{zone_id}/cloud_connector/rules" method="PUT" json={[ { expression: 'http.request.uri.path wildcard "/images/*"', provider: "cloudflare_r2", description: "Connect to R2 bucket containing images", parameters: { host: "mybucketcustomdomain.example.com", }, }, ]}/>
<APIRequest path="/zones/{zone_id}/page_shield/scripts" method="GET" parameters={{ direction: "asc", }}/>required
type: string
The path for the API endpoint.
This can be found in our API documentation ↗, under the name of the endpoint.
required
type: "GET" | "POST" | "PUT" | "PATCH" | "DELETE" | "HEAD"
The HTTP method to use.
type: Record<string, any>
The parameters to substitute - either in the URL path or as query parameters.
For example, /zones/{zone_id}/page_shield/scripts can be transformed into /zones/123/page_shield/scripts?direction=asc with the following:
parameters={{ zone_id: "123", direction: "asc"}}If not provided, the component will default to an environment variable. For example, {setting_id} will be replaced with $SETTING_ID.
type: Record<string, any> | Record<string, any>[]
The JSON payload to send.
If required properties are missing, the component will throw an error.
Functionally, the --json option ↗ is equivalent to the --data option in cURL, but handles a few additional headers automatically.
type: Record<string, any>
The FormData payload to send.
This field is not currently validated against the schema.
type: object
An object of Expressive Code props, the following props are available:
type: string | boolean
default: true
If set to true, which is the default, all API token roles will show.
If set to false, API token roles will not be displayed.
If set to a string, the API token roles will be filtered using it as a substring (i.e, roles="domain" to filter out Account API Gateway and only leave Domain API Gateway).
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Products
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark
-
