# Cloudflare Zero Trust Access Requests Ingests Cloudflare Zero Trust Access authentication events and access requests. This input collects authentication events that record user access attempts to applications protected by Cloudflare Zero Trust Access, including login/logout actions, identity provider information, and temporary access approvals. **Sync Type: Incremental** ## Requirements - A Cloudflare account with Zero Trust Access enabled - An API Token with the `Zero Trust Access:Read` permission - Your Cloudflare Account ID ### Creating an API Token 1. Log in to your Cloudflare dashboard 2. Navigate to **My Profile** > **API Tokens** 3. Click **Create Token** 4. Use the **Create Custom Token** option 5. Configure the token: - **Token name**: Give it a descriptive name (e.g., "Monad Zero Trust Access") - **Permissions**: Add `Zero Trust` > `Zero Trust Access` > `Read` - **Account Resources**: Select the specific account(s) or "All accounts" 6. Click **Continue to summary** and then **Create Token** 7. Copy the token value (you won't be able to see it again) ### Finding Your Account ID 1. Log in to your Cloudflare dashboard 2. Select the account you want to monitor 3. The Account ID is displayed in the right sidebar on the overview page 4. Alternatively, find it in the URL: `https://dash.cloudflare.com/{account_id}/...` ## Details - **State Management**: Uses ascending cursor-based pagination with timestamp tracking. Monad stores the last processed timestamp to fetch only new events on subsequent runs. - **API Endpoint**: `GET /accounts/{account_id}/access/logs/access_requests` - **Pagination**: Time-based pagination with a `since` parameter and up to 1000 records per page, sorted in ascending order by timestamp. - **Rate Limits**: 1200 requests per 5 minutes (4 requests per second). The input automatically enforces this limit. - **Deduplication**: Uses `ray_id` (unique Cloudflare request identifier) to prevent duplicate records. ## Configuration ### Settings | Setting | Type | Required | Description | |---------|------|----------|-------------| | `account_id` | string | Yes | Cloudflare Account ID | | `backfill_start_time` | string | No | The date to start fetching data from. If not specified, no past records will be fetched. | | API Rate Limit | object | No | Optional limit on the connector's outbound request rate to the source API. Leave blank to use the connector's default behavior. See [API Rate Limiting](../../../guides/rate-limiting) for the field format, limits, and how to choose a value. | ### Secrets | Secret | Type | Required | Description | |--------|------|----------|-------------| | `api_token` | string | Yes | API Token with Zero Trust Access:Read permission | ### Rate Limits | Limit | Value | Notes | |-------|-------|-------| | Requests per 5 minutes | 1,200 | Enforced by Cloudflare | | Max records per page | 1,000 | Maximum allowed by API | **Source**: [Cloudflare API Rate Limits](https://developers.cloudflare.com/fundamentals/api/reference/limits/) ## Troubleshooting ### Common Issues **Issue**: `API returned success=false` with authentication error **Cause**: The API token is invalid, expired, or lacks the required permissions. **Solution**: Verify your API token is correct and has the `Zero Trust Access:Read` permission. Create a new token if needed. **Issue**: `Account ID is required` validation error **Cause**: The Account ID field was left empty. **Solution**: Enter your Cloudflare Account ID in the settings. You can find this in your Cloudflare dashboard. **Issue**: No data returned despite having access requests **Cause**: The backfill start time may be set to a future date, or there may not be any access events in the specified time range. **Solution**: Verify the backfill start time is set correctly or leave it empty to fetch all available events. **Issue**: Rate limit exceeded errors **Cause**: Multiple integrations or manual API calls are consuming the rate limit quota. **Solution**: The input automatically handles rate limiting. If you see persistent errors, reduce the frequency of other API calls to your Cloudflare account. ## Related Articles - [Cloudflare Zero Trust Access API Documentation](https://developers.cloudflare.com/api/resources/zero_trust/subresources/access/subresources/logs/subresources/access_requests/) - [Cloudflare API Tokens](https://developers.cloudflare.com/fundamentals/api/get-started/create-token/) - [Cloudflare API Rate Limits](https://developers.cloudflare.com/fundamentals/api/reference/limits/) - [Zero Trust Access Overview](https://www.cloudflare.com/zero-trust/products/access/) ## Sample Record ```json { "action": "login", "allowed": true, "app_domain": "test.example.com/admin", "app_uid": "df7e2w5f-02b7-4d9d-af26-8d1988fca630", "connection": "saml", "created_at": "2014-01-01T05:20:00.12345Z", "ip_address": "198.41.129.166", "ray_id": "187d944c61940c77", "user_email": "user@example.com" } ```