1. Packages
  2. Cloudflare Provider
  3. API Docs
  4. TokenValidationConfig
Cloudflare v6.12.0 published on Wednesday, Dec 24, 2025 by Pulumi
Schema (JSON)
pulumi/pulumi-cloudflare

cloudflare.TokenValidationConfig

cloudflare logo
Cloudflare v6.12.0 published on Wednesday, Dec 24, 2025 by Pulumi
Schema (JSON)
pulumi/pulumi-cloudflare

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";

const exampleTokenValidationConfig = new cloudflare.TokenValidationConfig("example_token_validation_config", {
    zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
    credentials: {
        keys: [{
            alg: "ES256",
            crv: "P-256",
            kid: "38013f13-c266-4eec-a72a-92ec92779f21",
            kty: "EC",
            x: "KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ",
            y: "lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY",
        }],
    },
    description: "Long description for Token Validation Configuration",
    title: "Example Token Validation Configuration",
    tokenSources: [
        "http.request.headers[\"x-auth\"][0]",
        "http.request.cookies[\"Authorization\"][0]",
    ],
    tokenType: "JWT",
});

    import pulumi
import pulumi_cloudflare as cloudflare

example_token_validation_config = cloudflare.TokenValidationConfig("example_token_validation_config",
    zone_id="023e105f4ecef8ad9ca31a8372d0c353",
    credentials={
        "keys": [{
            "alg": "ES256",
            "crv": "P-256",
            "kid": "38013f13-c266-4eec-a72a-92ec92779f21",
            "kty": "EC",
            "x": "KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ",
            "y": "lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY",
        }],
    },
    description="Long description for Token Validation Configuration",
    title="Example Token Validation Configuration",
    token_sources=[
        "http.request.headers[\"x-auth\"][0]",
        "http.request.cookies[\"Authorization\"][0]",
    ],
    token_type="JWT")

    package main

import (
	"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudflare.NewTokenValidationConfig(ctx, "example_token_validation_config", &cloudflare.TokenValidationConfigArgs{
			ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
			Credentials: &cloudflare.TokenValidationConfigCredentialsArgs{
				Keys: cloudflare.TokenValidationConfigCredentialsKeyArray{
					&cloudflare.TokenValidationConfigCredentialsKeyArgs{
						Alg: pulumi.String("ES256"),
						Crv: pulumi.String("P-256"),
						Kid: pulumi.String("38013f13-c266-4eec-a72a-92ec92779f21"),
						Kty: pulumi.String("EC"),
						X:   pulumi.String("KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ"),
						Y:   pulumi.String("lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY"),
					},
				},
			},
			Description: pulumi.String("Long description for Token Validation Configuration"),
			Title:       pulumi.String("Example Token Validation Configuration"),
			TokenSources: pulumi.StringArray{
				pulumi.String("http.request.headers[\"x-auth\"][0]"),
				pulumi.String("http.request.cookies[\"Authorization\"][0]"),
			},
			TokenType: pulumi.String("JWT"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;

return await Deployment.RunAsync(() => 
{
    var exampleTokenValidationConfig = new Cloudflare.TokenValidationConfig("example_token_validation_config", new()
    {
        ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
        Credentials = new Cloudflare.Inputs.TokenValidationConfigCredentialsArgs
        {
            Keys = new[]
            {
                new Cloudflare.Inputs.TokenValidationConfigCredentialsKeyArgs
                {
                    Alg = "ES256",
                    Crv = "P-256",
                    Kid = "38013f13-c266-4eec-a72a-92ec92779f21",
                    Kty = "EC",
                    X = "KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ",
                    Y = "lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY",
                },
            },
        },
        Description = "Long description for Token Validation Configuration",
        Title = "Example Token Validation Configuration",
        TokenSources = new[]
        {
            "http.request.headers[\"x-auth\"][0]",
            "http.request.cookies[\"Authorization\"][0]",
        },
        TokenType = "JWT",
    });

});

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.TokenValidationConfig;
import com.pulumi.cloudflare.TokenValidationConfigArgs;
import com.pulumi.cloudflare.inputs.TokenValidationConfigCredentialsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleTokenValidationConfig = new TokenValidationConfig("exampleTokenValidationConfig", TokenValidationConfigArgs.builder()
            .zoneId("023e105f4ecef8ad9ca31a8372d0c353")
            .credentials(TokenValidationConfigCredentialsArgs.builder()
                .keys(TokenValidationConfigCredentialsKeyArgs.builder()
                    .alg("ES256")
                    .crv("P-256")
                    .kid("38013f13-c266-4eec-a72a-92ec92779f21")
                    .kty("EC")
                    .x("KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ")
                    .y("lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY")
                    .build())
                .build())
            .description("Long description for Token Validation Configuration")
            .title("Example Token Validation Configuration")
            .tokenSources(            
                "http.request.headers[\"x-auth\"][0]",
                "http.request.cookies[\"Authorization\"][0]")
            .tokenType("JWT")
            .build());

    }
}

    resources:
  exampleTokenValidationConfig:
    type: cloudflare:TokenValidationConfig
    name: example_token_validation_config
    properties:
      zoneId: 023e105f4ecef8ad9ca31a8372d0c353
      credentials:
        keys:
          - alg: ES256
            crv: P-256
            kid: 38013f13-c266-4eec-a72a-92ec92779f21
            kty: EC
            x: KN53JRwN3wCjm2o39bvZUX2VdrsHzS8pxOAGjm8m7EQ
            y: lnkkzIxaveggz-HFhcMWW15nxvOj0Z_uQsXbpK0GFcY
      description: Long description for Token Validation Configuration
      title: Example Token Validation Configuration
      tokenSources:
        - http.request.headers["x-auth"][0]
        - http.request.cookies["Authorization"][0]
      tokenType: JWT

    Create TokenValidationConfig Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new TokenValidationConfig(name: string, args: TokenValidationConfigArgs, opts?: CustomResourceOptions);
    @overload
def TokenValidationConfig(resource_name: str,
                          args: TokenValidationConfigArgs,
                          opts: Optional[ResourceOptions] = None)

@overload
def TokenValidationConfig(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          credentials: Optional[TokenValidationConfigCredentialsArgs] = None,
                          description: Optional[str] = None,
                          title: Optional[str] = None,
                          token_sources: Optional[Sequence[str]] = None,
                          token_type: Optional[str] = None,
                          zone_id: Optional[str] = None)
    func NewTokenValidationConfig(ctx *Context, name string, args TokenValidationConfigArgs, opts ...ResourceOption) (*TokenValidationConfig, error)
    public TokenValidationConfig(string name, TokenValidationConfigArgs args, CustomResourceOptions? opts = null)
    public TokenValidationConfig(String name, TokenValidationConfigArgs args)
public TokenValidationConfig(String name, TokenValidationConfigArgs args, CustomResourceOptions options)

    type: cloudflare:TokenValidationConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

    Parameters

    name string
    The unique name of the resource.
    args TokenValidationConfigArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args TokenValidationConfigArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args TokenValidationConfigArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args TokenValidationConfigArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args TokenValidationConfigArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var tokenValidationConfigResource = new Cloudflare.TokenValidationConfig("tokenValidationConfigResource", new()
{
    Credentials = new Cloudflare.Inputs.TokenValidationConfigCredentialsArgs
    {
        Keys = new[]
        {
            new Cloudflare.Inputs.TokenValidationConfigCredentialsKeyArgs
            {
                Alg = "string",
                Kid = "string",
                Kty = "string",
                Crv = "string",
                E = "string",
                N = "string",
                X = "string",
                Y = "string",
            },
        },
    },
    Description = "string",
    Title = "string",
    TokenSources = new[]
    {
        "string",
    },
    TokenType = "string",
    ZoneId = "string",
});

    example, err := cloudflare.NewTokenValidationConfig(ctx, "tokenValidationConfigResource", &cloudflare.TokenValidationConfigArgs{
	Credentials: &cloudflare.TokenValidationConfigCredentialsArgs{
		Keys: cloudflare.TokenValidationConfigCredentialsKeyArray{
			&cloudflare.TokenValidationConfigCredentialsKeyArgs{
				Alg: pulumi.String("string"),
				Kid: pulumi.String("string"),
				Kty: pulumi.String("string"),
				Crv: pulumi.String("string"),
				E:   pulumi.String("string"),
				N:   pulumi.String("string"),
				X:   pulumi.String("string"),
				Y:   pulumi.String("string"),
			},
		},
	},
	Description: pulumi.String("string"),
	Title:       pulumi.String("string"),
	TokenSources: pulumi.StringArray{
		pulumi.String("string"),
	},
	TokenType: pulumi.String("string"),
	ZoneId:    pulumi.String("string"),
})

    var tokenValidationConfigResource = new TokenValidationConfig("tokenValidationConfigResource", TokenValidationConfigArgs.builder()
    .credentials(TokenValidationConfigCredentialsArgs.builder()
        .keys(TokenValidationConfigCredentialsKeyArgs.builder()
            .alg("string")
            .kid("string")
            .kty("string")
            .crv("string")
            .e("string")
            .n("string")
            .x("string")
            .y("string")
            .build())
        .build())
    .description("string")
    .title("string")
    .tokenSources("string")
    .tokenType("string")
    .zoneId("string")
    .build());

    token_validation_config_resource = cloudflare.TokenValidationConfig("tokenValidationConfigResource",
    credentials={
        "keys": [{
            "alg": "string",
            "kid": "string",
            "kty": "string",
            "crv": "string",
            "e": "string",
            "n": "string",
            "x": "string",
            "y": "string",
        }],
    },
    description="string",
    title="string",
    token_sources=["string"],
    token_type="string",
    zone_id="string")

    const tokenValidationConfigResource = new cloudflare.TokenValidationConfig("tokenValidationConfigResource", {
    credentials: {
        keys: [{
            alg: "string",
            kid: "string",
            kty: "string",
            crv: "string",
            e: "string",
            n: "string",
            x: "string",
            y: "string",
        }],
    },
    description: "string",
    title: "string",
    tokenSources: ["string"],
    tokenType: "string",
    zoneId: "string",
});

    type: cloudflare:TokenValidationConfig
properties:
    credentials:
        keys:
            - alg: string
              crv: string
              e: string
              kid: string
              kty: string
              "n": string
              x: string
              "y": string
    description: string
    title: string
    tokenSources:
        - string
    tokenType: string
    zoneId: string

    TokenValidationConfig Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The TokenValidationConfig resource accepts the following input properties:

    Credentials TokenValidationConfigCredentials
    Description string
    Title string
    TokenSources List<string>
    TokenType string
    Available values: "JWT".
    ZoneId string
    Identifier.
    Credentials TokenValidationConfigCredentialsArgs
    Description string
    Title string
    TokenSources []string
    TokenType string
    Available values: "JWT".
    ZoneId string
    Identifier.
    credentials TokenValidationConfigCredentials
    description String
    title String
    tokenSources List<String>
    tokenType String
    Available values: "JWT".
    zoneId String
    Identifier.
    credentials TokenValidationConfigCredentials
    description string
    title string
    tokenSources string[]
    tokenType string
    Available values: "JWT".
    zoneId string
    Identifier.
    credentials TokenValidationConfigCredentialsArgs
    description str
    title str
    token_sources Sequence[str]
    token_type str
    Available values: "JWT".
    zone_id str
    Identifier.
    credentials Property Map
    description String
    title String
    tokenSources List<String>
    tokenType String
    Available values: "JWT".
    zoneId String
    Identifier.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the TokenValidationConfig resource produces the following output properties:

    CreatedAt string
    Id string
    The provider-assigned unique ID for this managed resource.
    LastUpdated string
    CreatedAt string
    Id string
    The provider-assigned unique ID for this managed resource.
    LastUpdated string
    createdAt String
    id String
    The provider-assigned unique ID for this managed resource.
    lastUpdated String
    createdAt string
    id string
    The provider-assigned unique ID for this managed resource.
    lastUpdated string
    created_at str
    id str
    The provider-assigned unique ID for this managed resource.
    last_updated str
    createdAt String
    id String
    The provider-assigned unique ID for this managed resource.
    lastUpdated String

    Look up Existing TokenValidationConfig Resource

    Get an existing TokenValidationConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: TokenValidationConfigState, opts?: CustomResourceOptions): TokenValidationConfig
    @staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        created_at: Optional[str] = None,
        credentials: Optional[TokenValidationConfigCredentialsArgs] = None,
        description: Optional[str] = None,
        last_updated: Optional[str] = None,
        title: Optional[str] = None,
        token_sources: Optional[Sequence[str]] = None,
        token_type: Optional[str] = None,
        zone_id: Optional[str] = None) -> TokenValidationConfig
    func GetTokenValidationConfig(ctx *Context, name string, id IDInput, state *TokenValidationConfigState, opts ...ResourceOption) (*TokenValidationConfig, error)
    public static TokenValidationConfig Get(string name, Input<string> id, TokenValidationConfigState? state, CustomResourceOptions? opts = null)
    public static TokenValidationConfig get(String name, Output<String> id, TokenValidationConfigState state, CustomResourceOptions options)
    resources:  _:    type: cloudflare:TokenValidationConfig    get:      id: ${id}
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    CreatedAt string
    Credentials TokenValidationConfigCredentials
    Description string
    LastUpdated string
    Title string
    TokenSources List<string>
    TokenType string
    Available values: "JWT".
    ZoneId string
    Identifier.
    CreatedAt string
    Credentials TokenValidationConfigCredentialsArgs
    Description string
    LastUpdated string
    Title string
    TokenSources []string
    TokenType string
    Available values: "JWT".
    ZoneId string
    Identifier.
    createdAt String
    credentials TokenValidationConfigCredentials
    description String
    lastUpdated String
    title String
    tokenSources List<String>
    tokenType String
    Available values: "JWT".
    zoneId String
    Identifier.
    createdAt string
    credentials TokenValidationConfigCredentials
    description string
    lastUpdated string
    title string
    tokenSources string[]
    tokenType string
    Available values: "JWT".
    zoneId string
    Identifier.
    createdAt String
    credentials Property Map
    description String
    lastUpdated String
    title String
    tokenSources List<String>
    tokenType String
    Available values: "JWT".
    zoneId String
    Identifier.

    Supporting Types

    TokenValidationConfigCredentials, TokenValidationConfigCredentialsArgs

    TokenValidationConfigCredentialsKey, TokenValidationConfigCredentialsKeyArgs

    Alg string
    Algorithm Available values: "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384".
    Kid string
    Key ID
    Kty string
    Key Type Available values: "RSA", "EC".
    Crv string
    Curve Available values: "P-256", "P-384".
    E string
    RSA exponent
    N string
    RSA modulus
    X string
    X EC coordinate
    Y string
    Y EC coordinate
    Alg string
    Algorithm Available values: "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384".
    Kid string
    Key ID
    Kty string
    Key Type Available values: "RSA", "EC".
    Crv string
    Curve Available values: "P-256", "P-384".
    E string
    RSA exponent
    N string
    RSA modulus
    X string
    X EC coordinate
    Y string
    Y EC coordinate
    alg String
    Algorithm Available values: "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384".
    kid String
    Key ID
    kty String
    Key Type Available values: "RSA", "EC".
    crv String
    Curve Available values: "P-256", "P-384".
    e String
    RSA exponent
    n String
    RSA modulus
    x String
    X EC coordinate
    y String
    Y EC coordinate
    alg string
    Algorithm Available values: "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384".
    kid string
    Key ID
    kty string
    Key Type Available values: "RSA", "EC".
    crv string
    Curve Available values: "P-256", "P-384".
    e string
    RSA exponent
    n string
    RSA modulus
    x string
    X EC coordinate
    y string
    Y EC coordinate
    alg str
    Algorithm Available values: "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384".
    kid str
    Key ID
    kty str
    Key Type Available values: "RSA", "EC".
    crv str
    Curve Available values: "P-256", "P-384".
    e str
    RSA exponent
    n str
    RSA modulus
    x str
    X EC coordinate
    y str
    Y EC coordinate
    alg String
    Algorithm Available values: "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384".
    kid String
    Key ID
    kty String
    Key Type Available values: "RSA", "EC".
    crv String
    Curve Available values: "P-256", "P-384".
    e String
    RSA exponent
    n String
    RSA modulus
    x String
    X EC coordinate
    y String
    Y EC coordinate

    Import

    $ pulumi import cloudflare:index/tokenValidationConfig:TokenValidationConfig example '<zone_id>/<config_id>'

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Cloudflare pulumi/pulumi-cloudflare
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the cloudflare Terraform Provider.
    cloudflare logo
    Cloudflare v6.12.0 published on Wednesday, Dec 24, 2025 by Pulumi
    Schema (JSON)
    pulumi/pulumi-cloudflare
      Meet Neo: Your AI Platform Teammate