CD
Cloudflare Developers2w ago
Luke

What permissions are required to update a WAF rule via the API?

I'm trying to call the endpoint from these docs: https://developers.cloudflare.com/api/operations/updateZoneRulesetRule PATCH https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets/{ruleset_id}/rules/{rule_id} I have the Edit permissions on Zone WAF for the API token but I get the following error: 
{
  "success": false,
  "errors": [
    {
      "code": 10000,
      "message": "PATCH method not allowed for the api_token authentication scheme"
    }
  ]
}
{
  "success": false,
  "errors": [
    {
      "code": 10000,
      "message": "PATCH method not allowed for the api_token authentication scheme"
    }
  ]
}
Which permissions do I need to be able to update custom rules for WAF?
Cloudflare API Documentation
Interact with Cloudflare's products and services via the Cloudflare API
No description
10 Replies
Vero | Out of Office
Vero | Out of Office2w ago
HI. You need the "Firewall" permission that is in the account-scoped roles https://developers.cloudflare.com/fundamentals/setup/manage-members/roles/#account-scoped-roles
Cloudflare Docs
Roles | Cloudflare Fundamentals docs
Whenever you add a new member to your account, you can assign policies to those users and make use of the available roles. Roles can only ever be assigned to their given scope and multiple roles can be assigned to a given policy.
Vero | Out of Office
Vero | Out of Office2w ago
No description
Luke
Luke2w ago
Thank you @Vero 🐙 - it looks like that isn't available for API Tokens? Is this something that can't be automated via an API call? This part of the error makes me think that might be the case not allowed for the api_token authentication scheme
Vero | Out of Office
Vero | Out of Office2w ago
hmm not sure if it can be automated but just found these required permissions for API tokens in the API docs
No description
Luke
Luke2w ago
Thank you, I'll add those permissions. Im curious where you that api documentation is? I was looking for something like that here: https://developers.cloudflare.com/api/operations/updateZoneRulesetRule
Cloudflare API Documentation
Interact with Cloudflare's products and services via the Cloudflare API
Vero | Out of Office
Vero | Out of Office2w ago
Luke
Luke2w ago
Hmm, I've added all the permissions mentioned and still not working 🤔 Actually it looks like maybe this endpoint is different from the one in the other docs. It looks like this one is a patch on the ruleset as a whole rather than a specific rule within a ruleset. Does that mean I need to include all the rules in my patch even if I don't modify them?
Vero | Out of Office
Vero | Out of Office2w ago
Sorry, the other link points to the wrong endpoint
Vero | Out of Office
Vero | Out of Office2w ago
Vero | Out of Office
Vero | Out of Office2w ago
It looks like this one is for an specific rule in a ruleset
Want results from more Discord servers?
Add your server