Skip to content

Common API calls

Required API token permissions

The API token used in API requests to manage the leaked credentials detection and custom detection locations must have one of the following permissions:

  • Zone WAF Edit
  • Account WAF Edit

General operations

The following API examples cover basic operations such as enabling and disabling the leaked credentials detection.

Turn on leaked credentials detection

To turn on leaked credentials detection, use a POST request similar to the following:

Terminal window
curl "https://api.cloudflare.com/client/v4/zones/{zone_id}/leaked-credential-checks" \
--header "X-Auth-Email: <EMAIL>" \
--header "X-Auth-Key: <API_KEY>" \
--header "Content-Type: application/json" \
--data '{ "enabled": true }'

Turn off leaked credentials detection

To turn off leaked credentials detection, use a POST request similar to the following:

Terminal window
curl "https://api.cloudflare.com/client/v4/zones/{zone_id}/leaked-credential-checks" \
--header "X-Auth-Email: <EMAIL>" \
--header "X-Auth-Key: <API_KEY>" \
--header "Content-Type: application/json" \
--data '{ "enabled": false }'

Get status of leaked credentials detection

To obtain the current status of the leaked credentials detection, use a GET request similar to the following:

Terminal window
curl "https://api.cloudflare.com/client/v4/zones/{zone_id}/leaked-credential-checks" \
--header "X-Auth-Email: <EMAIL>" \
--header "X-Auth-Key: <API_KEY>"
{
"result": {
"enabled": true
},
"success": true,
"errors": [],
"messages": []
}

Custom detection location operations

The following API examples cover operations on custom detection locations for leaked credentials detection.

Add a custom detection location

Use a POST request similar to the following:

Terminal window
curl "https://api.cloudflare.com/client/v4/zones/{zone_id}/leaked-credential-checks/detections" \
--header "X-Auth-Email: <EMAIL>" \
--header "X-Auth-Key: <API_KEY>" \
--header "Content-Type: application/json" \
--data '{
"username": "lookup_json_string(http.request.body.raw, \"user\")",
"password": "lookup_json_string(http.request.body.raw, \"secret\")"
}'

Get existing custom detection locations

To get a list of existing custom detection locations, use a GET request similar to the following:

Terminal window
curl "https://api.cloudflare.com/client/v4/zones/{zone_id}/leaked-credential-checks/detections" \
--header "X-Auth-Email: <EMAIL>" \
--header "X-Auth-Key: <API_KEY>"
{
"result": [
{
"id": "<ITEM_ID>",
"username": "lookup_json_string(http.request.body.raw, \"user\")",
"password": "lookup_json_string(http.request.body.raw, \"secret\")"
}
// (...)
],
"success": true,
"errors": [],
"messages": []
}

Delete a custom detection location

Use a DELETE request similar to the following:

Terminal window
curl --request DELETE \
"https://api.cloudflare.com/client/v4/zones/{zone_id}/leaked-credential-checks/detections/{item_id}" \
--header "X-Auth-Email: <EMAIL>" \
--header "X-Auth-Key: <API_KEY>"