Cloudflare Zero Trust
  • 19 Mar 2024
  • 1 Minute to read
  • Dark
  • PDF

Cloudflare Zero Trust

  • Dark
  • PDF

Article summary

Deliver Zero Trust Network Access on Cloudflare's Edge.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices
  • Users


  1. Host Name or IP Address (optional) - The hostname or IP address of the Cloudflare Zero Trust server.

  2. User Email (required) - Enter the user email.

  3. API Key / API Token (required) - An API Key associated with a user account that has the Required Permissions to fetch assets.


    Cloudflare highly recommends using an API token instead of an API key.

  4. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  5. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

  6. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

  7. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.


Advanced Settings


From Version 4.6, Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  • Endpoints Config - Click the arrow.
    • Enrich Devices with Gateway Location - Toggle on this option to add subdomain data for each device.
    • Enrich Users with Policies - Toggle on this option to add policy data for each user.


To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.


Axonius uses Cloudflare API v4.

Required Permissions

The value supplied in API Key/Token must be associated with credentials that have permissions to fetch assets.

If an API Token (recommended method) is provided, the following permissions are required:

  • Account: Zero Trust: Read
  • Account: Access: Audit Logs: Read
  • Account: Account Settings: Read

If an API Key (legacy method) is provided, it will have the same permissions as the user and will have access to all of a user’s resources.

Supported From Version

Supported from Axonius version 4.5

Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.