cloudflare · pedrosousa · Mar 6, 2025 · Feb 27, 2025
@@ -24,7 +24,7 @@ Cloudflare also recommends limiting the use of the token via client IP address f
 
 ## Creating API tokens with the API
 
-You can create a user owned token or account owned token to use with the API. Refer to the [user owned token](/api/resources/user/subresources/tokens/methods/create/) or the [account owned token](/api/resources/accounts/subresources/tokens/methods/create/) API schema docs for more information. 
+You can create a user owned token or account owned token to use with the API. Refer to the [user owned token](/api/resources/user/subresources/tokens/methods/create/) or the [account owned token](/api/resources/accounts/subresources/tokens/methods/create/) API schema docs for more information.
 
 To create a token:
 
@@ -75,7 +75,7 @@ API token policies support three resource types: `User`, `Account`, and `Zone`.
 :::note
 
 
-Fetch each object's ID by calling the appropriate `GET <object>` API. Refer to [User](/api/resources/user/methods/get/), [Account](/api/resources/accounts/methods/list/), and [Zone](/api/resources/zones/methods/list/) documentation for more details. 
+Fetch each object's ID by calling the appropriate `GET <object>` API. Refer to [User](/api/resources/user/methods/get/), [Account](/api/resources/accounts/methods/list/), and [Zone](/api/resources/zones/methods/list/) documentation for more details.
 :::
 
 ##### Account

@@ -5,7 +5,7 @@ sidebar:
   order: 5
 head:
   - tag: title
-    content: Troubleshooting | Cloudflare API 
+    content: Troubleshooting | Cloudflare API
 ---
 
 ## The token is not verified

@@ -27,7 +27,7 @@ When you onboard your website or application to Cloudflare, Cloudflare becomes t
 Cloudflare only becomes the primary authoritative DNS provider when you use the default, full DNS setup. For alternative options, refer to [DNS setups](/dns/zone-setups/).
 :::
 
-If your [domain's status](/dns/zone-setups/reference/domain-status/) is active and the queried DNS record is set to `proxied`, Cloudflare responds with an [anycast IP address](/fundamentals/concepts/cloudflare-ip-addresses/), instead of the origin IP address defined in your DNS table. 
+If your [domain's status](/dns/zone-setups/reference/domain-status/) is active and the queried DNS record is set to `proxied`, Cloudflare responds with an [anycast IP address](/fundamentals/concepts/cloudflare-ip-addresses/), instead of the origin IP address defined in your DNS table.
 
 Your domain status is active when your [nameservers are updated](/dns/nameservers/update-nameservers/) to point to Cloudflare and have been authenticated. The [proxy status](/dns/proxy-status/) defines how Cloudflare treats queries for specific DNS records. The [anycast IP address](/fundamentals/concepts/cloudflare-ip-addresses/) is used to distribute traffic amongst Cloudflare's network, which protects your website or app from [DDoS](https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/) and other attacks, while optimizing site speed.
 

@@ -46,7 +46,7 @@ Bot Management is available to Enterprise customers as an add-on service. Contac
 
 ### cf_clearance cookie for Cloudflare bot products
 
-The `cf_clearance` cookie is required for [JavaScript detections](/bots/reference/javascript-detections/). JavaScript detections are stored in the `cf_clearance` cookie. 
+The `cf_clearance` cookie is required for [JavaScript detections](/bots/reference/javascript-detections/). JavaScript detections are stored in the `cf_clearance` cookie.
 
 ### cf\_ob\_info and cf\_use\_ob cookie for Cloudflare Always Online
 

@@ -15,7 +15,7 @@ To access compliance documentation:
 
 :::note
 
-For confidentiality purposes, only **Super Administrators** for an account can access compliance documentation. 
+For confidentiality purposes, only **Super Administrators** for an account can access compliance documentation.
 :::
 
 ## Tax documentation

@@ -14,7 +14,7 @@ We provide three primary stages of development: early access, active support, an
 
 :::note
 
-These lifecycle stages may be referred to in different terms across Cloudflare products, but the underlying principles are the same. 
+These lifecycle stages may be referred to in different terms across Cloudflare products, but the underlying principles are the same.
 :::
 
 ### Early access
@@ -47,7 +47,7 @@ The SDK ecosystem follows semantic versioning, which defines versions as follows
 
 As Cloudflare has recently swapped to [automatically generating our libraries using OpenAPI](https://blog.cloudflare.com/lessons-from-building-an-automated-sdk-pipeline), we have relaxed the strict versioning requirements on the libraries (Terraform is not changing). Minor releases *may* contain breaking changes in the forms of method, structure, or type renames as the service owners stabilize their schemas and iterate on usability improvements.
 
-If this is not suitable for your use case, pin to a known good version or use the previous major version of the library. 
+If this is not suitable for your use case, pin to a known good version or use the previous major version of the library.
 :::
 
 Depending on your needs, you should ensure your application's package manager versioning is configured correctly. At a minimum, restrict installation to the current major version of the library or tool you are using to prevent any major version upgrades occurring automatically.

@@ -20,5 +20,5 @@ Common signs that you are under DDoS attack include:
 
 :::note
 
-If you are currently under DDoS attack, refer to our guide on [responding to a DDoS attack](/ddos-protection/best-practices/respond-to-ddos-attacks/). 
+If you are currently under DDoS attack, refer to our guide on [responding to a DDoS attack](/ddos-protection/best-practices/respond-to-ddos-attacks/).
 :::
@@ -22,7 +22,7 @@ import { Render } from "~/components"
 
 :::caution
 
-Security keys only work with browsers that support the WebAuthn protocol. 
+Security keys only work with browsers that support the WebAuthn protocol.
 :::
 
 A security key provides phishing-resistant multifactor authentication to your Cloudflare account using a built-in authenticator (Apple Touch ID, Android fingerprint, or Windows Hello) or an external hardware key (like [YubiKey](https://www.yubico.com/works-with-yubikey/catalog/cloudflare/)) that connects to your computer through USB-A, USB-C, NFC, or Bluetooth.
@@ -71,7 +71,7 @@ Ensure that your hardware security key is configured and plugged in. On a Window
 
 :::note
 
-You can regenerate your backup codes at any time using the Cloudflare dashboard. 
+You can regenerate your backup codes at any time using the Cloudflare dashboard.
 :::
 
 7. Select **Next** on the backup code page to complete the recovery code setup.
@@ -82,7 +82,7 @@ You may need to reconfigure your mobile application authentication if you join a
 
 :::note
 
-Reconfiguring TOTP mobile application authentication does not turn off 2FA. 
+Reconfiguring TOTP mobile application authentication does not turn off 2FA.
 :::
 
 To reconfigure, follow [Steps 1-7](/fundamentals/setup/account/account-security/2fa/#configure-totp-mobile-application-authentication-for-two-factor-cloudflare-login) as detailed above.
@@ -95,7 +95,7 @@ Each backup code is one-time use only, but you can always request a new set of b
 
 :::note
 
-Regenerating your backup codes will invalidate your previous codes. 
+Regenerating your backup codes will invalidate your previous codes.
 :::
 
 1. Log in to the Cloudflare dashboard.
@@ -111,7 +111,7 @@ To disable 2FA for your Cloudflare account, you must delete all security keys an
 
 :::note
 
-If you are not the Super Administrator of an organization with **2FA Enforcement** enabled, you may not have permission to disable 2FA. 
+If you are not the Super Administrator of an organization with **2FA Enforcement** enabled, you may not have permission to disable 2FA.
 :::
 
 1. Log in to the Cloudflare dashboard
@@ -151,7 +151,7 @@ When setting up 2FA, you should have saved your backup codes in a secure locatio
 
 :::note
 
-Once you use a backup code, it becomes invalid. 
+Once you use a backup code, it becomes invalid.
 :::
 
 ## Recover your account

@@ -20,7 +20,7 @@ If you forget the email address associated with your application:
 
 :::note
 
-This process does not affect your account or share your email address with anyone. 
+This process does not affect your account or share your email address with anyone.
 :::
 
 If you still cannot access the email address associated with your Cloudflare account, you may need to [move your domain to another account](/fundamentals/setup/manage-domains/move-domain/).
@@ -45,7 +45,7 @@ Cloudflare recommends strong passwords. Minimum requirements are:
 
 * Password must be at least 8 characters.
 * Password must contain a digit.
-* Password must contain a special character. 
+* Password must contain a special character.
   :::
 
 ***
@@ -80,7 +80,7 @@ You have several sign-in options for the [Cloudflare dashboard](https://dash.clo
 
 :::note
 
-If you login to your Cloudflare user account with Single Sign-On (SSO), you will not be able to sign in with Apple. 
+If you login to your Cloudflare user account with Single Sign-On (SSO), you will not be able to sign in with Apple.
 :::
 
 ***

@@ -18,7 +18,7 @@ Cloudflare challenges the login by sending a one-time code that expires in 30 mi
 
 :::note
 
-Email MFA can only be disabled by enabling [two-factor authentication](/fundamentals/setup/account/account-security/2fa/). 
+Email MFA can only be disabled by enabling [two-factor authentication](/fundamentals/setup/account/account-security/2fa/).
 :::
 
 ***

@@ -5,7 +5,7 @@ updated: 2024-12-04
 
 ---
 
-Cloudflare supports bulk provisioning of users into the Cloudflare dashboard by using the System for Cross-domain Identity Management (SCIM) protocol. This allows you to connect your external identity provider (IdP) to Cloudflare and quickly onboard and manage users and their permissions. Cloudflare supports SCIM onboarding with Okta and Microsoft Entra. 
+Cloudflare supports bulk provisioning of users into the Cloudflare dashboard by using the System for Cross-domain Identity Management (SCIM) protocol. This allows you to connect your external identity provider (IdP) to Cloudflare and quickly onboard and manage users and their permissions. Cloudflare supports SCIM onboarding with Okta and Microsoft Entra.
 
 :::note
 Cloudflare Zero Trust also supports SCIM for onboarding users to Cloudflare Access. [Learn more](/cloudflare-one/identity/users/scim/)
@@ -14,7 +14,7 @@ Cloudflare Zero Trust also supports SCIM for onboarding users to Cloudflare Acce
 ## Limitations
 
 - If a user is the only Super Administrator on an Enterprise account, they will not be deprovisioned.
-- Cloudflare currently only supports [Account-scoped Roles](/fundamentals/setup/manage-members/roles/#account-scoped-roles) and does not support Domain-scoped Roles provisioning via SCIM. 
+- Cloudflare currently only supports [Account-scoped Roles](/fundamentals/setup/manage-members/roles/#account-scoped-roles) and does not support Domain-scoped Roles provisioning via SCIM.
 - Cloudflare does not allow custom user groups.
 
 ## Prerequisites
@@ -31,7 +31,7 @@ Accounts provisioned with SCIM need to verify their email addresses.
 ---
 ## Gather the required data
 
-To start, you will need to collect a couple of pieces of data from Cloudflare and set these aside for later use. 
+To start, you will need to collect a couple of pieces of data from Cloudflare and set these aside for later use.
 
 ### Get your Account ID
 
@@ -91,26 +91,26 @@ To start, you will need to collect a couple of pieces of data from Cloudflare an
 1. In **Provisioning to App**, select **Edit**.
 2. Enable **Create Users** and **Deactivate Users**. Select **Save**.
 3. In the integration page, go to **Assignments** > **Assign** > **Assign to Groups**.
-4. Choose the group(s) that you want to provision to Cloudflare. 
+4. Choose the group(s) that you want to provision to Cloudflare.
 5. Select **Done**.
 
 This will provision all of the users in the group(s) affected to your Cloudflare account with "minimal account access."
 
-### Configure user permissions 
+### Configure user permissions
 
 There are two options for managing user permissions:
 
-* Manage your user permissions on a per-user basis in the Cloudflare dashboard, API, or using Terraform. 
-* Map your IdP groups to a Cloudflare built-in [Role](/fundamentals/setup/manage-members/roles/). Groups may only be linked to one role. 
+* Manage your user permissions on a per-user basis in the Cloudflare dashboard, API, or using Terraform.
+* Map your IdP groups to a Cloudflare built-in [Role](/fundamentals/setup/manage-members/roles/). Groups may only be linked to one role.
 
 1. Go to your SCIM application in the App Integration Catalog, then select **Provisioning**.
 2. Under **To App*, select **Edit**.
 3. Enable **Create Users** and **Deactivate Users**. Select **Save**.
 4. Go to **Push Groups**.
 5. Select **+ Push Groups**, then **Find groups by name**.
-6. Enter the name of the group(s) that you want to sync to Cloudflare. 
+6. Enter the name of the group(s) that you want to sync to Cloudflare.
 7. Choose **Link Group**.
-8. Cloudflare provisioned user groups are named in the pattern `CF-<accountID> - <Role Name>`. Choose the appropriate group that maps to your target role. 
+8. Cloudflare provisioned user groups are named in the pattern `CF-<accountID> - <Role Name>`. Choose the appropriate group that maps to your target role.
 9. Disable **Rename groups**. Select **Save**.
 10. Within the **Push Groups** tab, select **Push Groups**.
 11. Add the groups you created.
@@ -153,5 +153,5 @@ Refer to the list of [Roles](/fundamentals/setup/manage-members/roles/) for more
 7. Select **Start provisioning** to view the new users and groups populated on the Cloudflare dashboard.
 
 :::note
-To successfully provision with Microsoft Entra ID, the `user principal name` and `email` fields must match. These values are case-sensitive. 
+To successfully provision with Microsoft Entra ID, the `user principal name` and `email` fields must match. These values are case-sensitive.
 :::
@@ -38,6 +38,6 @@ If you do not already own a domain and plan to use Cloudflare for your [authorit
 
 To prevent insecure connections and visitor browser errors, [make sure you have SSL/TLS protection](/ssl/get-started/).
 
-Many Cloudflare services will automatically protect and speed up your web traffic once your nameservers are updated. 
+Many Cloudflare services will automatically protect and speed up your web traffic once your nameservers are updated.
 
-To get more out of Cloudflare, refer to the [Security](/fundamentals/security/) and [Performance](/fundamentals/performance/) tasks. 
+To get more out of Cloudflare, refer to the [Security](/fundamentals/security/) and [Performance](/fundamentals/performance/) tasks.
@@ -50,7 +50,7 @@ If you need to re-add the domain in a different account, make sure the current s
    ![Remove site from Cloudflare is an option under Advanced Actions](~/assets/images/fundamentals/get-started/remove-domain.png)
 
    :::note
-   If you are using an Enterprise domain, [change your domain plan](/fundamentals/subscriptions-and-billing/change-plan/#change-plan-type) to **Free**, which will give you access to **Remove Site from Cloudflare**.<br/><br/>If this does not work, contact your Customer Success Manager. 
+   If you are using an Enterprise domain, [change your domain plan](/fundamentals/subscriptions-and-billing/change-plan/#change-plan-type) to **Free**, which will give you access to **Remove Site from Cloudflare**.<br/><br/>If this does not work, contact your Customer Success Manager.
    :::
 
 3. Select **Confirm**.
@@ -55,5 +55,5 @@ Ideally, because Cloudflare is a reverse proxy, your hosting provider observes a
 
 :::note
 
-If an attacker is directly targeting your origin web server, refer to [Respond to DDoS attacks](/ddos-protection/best-practices/respond-to-ddos-attacks/). 
+If an attacker is directly targeting your origin web server, refer to [Respond to DDoS attacks](/ddos-protection/best-practices/respond-to-ddos-attacks/).
 :::
@@ -12,7 +12,7 @@ If payment for a recurring charge for a Cloudflare plan, add-on, or subscription
 
 :::caution
 
-The five-day grace period for failed payments on recurring Cloudflare charges includes weekends and holidays. 
+The five-day grace period for failed payments on recurring Cloudflare charges includes weekends and holidays.
 :::
 
 After confirming your payment method information, Cloudflare suggests [manually updating your plan type](/fundamentals/subscriptions-and-billing/change-plan/) and subscriptions using the Cloudflare dashboard.
@@ -61,7 +61,7 @@ The billing information that Cloudflare has on file is inaccurate or incomplete.
 
 :::note
 
-Gift cards and pre-payment cards may not be accepted for payment as they are not associated with a billing address. 
+Gift cards and pre-payment cards may not be accepted for payment as they are not associated with a billing address.
 :::
 
 To ensure all billing information is current and accurate, refer to [Updating your Cloudflare billing information](/fundamentals/subscriptions-and-billing/update-billing-info/).
-Original file line number
+Diff line change
@@ Expand Up / @@ -15,7 +15,7 @@ To access compliance documentation: @@
     :::note
-    For confidentiality purposes, only **Super Administrators** for an account can access compliance documentation.
+    For confidentiality purposes, only **Super Administrators** for an account can access compliance documentation.
     :::
     ## Tax documentation
@@ Expand Down @@