CloudFlare Zero Trust
  • 20 Oct 2022
  • 1 Minute to read
  • Dark
  • PDF

CloudFlare Zero Trust

  • Dark
  • PDF

Article Summary

Deliver Zero Trust Network Access on CloudFlare's Edge.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices
  • Users


  1. Host Name or IP Address (optional) - The hostname or IP address of the CloudFlare Zero Trust server.

  2. User Email (required) - Enter the user email.

  3. API Key / API Token (required) - An API Key associated with a user account that has the Required Permissions to fetch assets.


    Cloudflare highly recommends using an API token instead of an API key.

  4. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  5. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

  6. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

  7. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

  8. To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.


Advanced Settings


From Version 4.6, Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Parse devices records - Select whether to parse device records.
  2. Parse users records - Select whether to parse user records.


To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.


Axonius uses Cloudflare API v4.

Required Permissions

The value supplied in API Key/Token must be associated with credentials that have permissions to fetch assets.

If an API Token (recommended method) is provided, the following permissions are required:

  • Account: Zero Trust: Read
  • Account: Access: Audit Logs: Read
  • Account: Account Settings: Read

If an API Key (legacy method) is provided, it will have the same permissions as the user and will have access to all of a user’s resources.

Supported From Version

Supported from Axonius version 4.5

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.