Cloudflare
Automate DNS record management, CDN cache purging, SSL certificate control, and zone configuration — all authenticated via Cloudflare API Token.
What this node does: The Cloudflare node provides full Cloudflare API coverage across four resources: zone, dns, ssl, and cache. All access requires a scoped Cloudflare API Token — not an email address and global API key. Tokens grant the minimum-privilege scopes needed (e.g.
Zone:DNS:Edit for DNS management).
Resources & Operations (22 total)
zone 5 Operations
| Operation | Description |
|---|---|
zone/list | List all zones accessible to the API token. Returns an array of zone objects including id, name, status, and nameservers. |
zone/get | Retrieve full details for a specific zone by its ID. |
zone/getSettings | Get all settings for a zone including SSL mode, cache level, security level, minification, and more. |
zone/updateSettings | Update one or more zone settings in a single call. Pass a JSON object of setting keys and values. |
zone/purgeAll | Purge the entire Cloudflare cache for the zone. All cached assets will be re-fetched from origin on the next request. |
dns 8 Operations
| Operation | Description |
|---|---|
dns/list | List all DNS records for a zone. Returns an array of record objects with type, name, content, TTL, and proxied status. |
dns/get | Retrieve a single DNS record by record ID within a zone. |
dns/create | Create a new DNS record. Supports A, AAAA, CNAME, MX, TXT, SRV, and NS record types with optional TTL and proxy settings. |
dns/update | Update an existing DNS record by ID. Replace content, TTL, proxy status, or type. |
dns/delete | Permanently delete a DNS record by record ID. |
dns/batchCreate | Create multiple DNS records in one operation. Pass a JSON array of record objects. |
dns/import | Import DNS records from a BIND zone file (RFC 1035 format). Useful for migrating existing DNS configurations. |
dns/export | Export all DNS records for a zone as a BIND zone file. Returns the file content as a string. |
ssl 6 Operations
| Operation | Description |
|---|---|
ssl/getSettings | Get the current SSL mode, certificate type, minimum TLS version, and related settings for a zone. |
ssl/setMode | Set the SSL encryption mode: off, flexible, full, or strict. |
ssl/listCerts | List all SSL certificates associated with a zone. |
ssl/getCert | Retrieve details for a specific certificate by its ID. |
ssl/orderCert | Order a new SSL certificate for a zone. Supports dedicated_custom and universal certificate types. |
ssl/deleteCert | Delete an SSL certificate by certificate ID. |
cache 3 Operations
| Operation | Description |
|---|---|
cache/purgeByUrl | Purge specific URLs from the Cloudflare cache. Accepts a JSON array of fully-qualified URLs. Immediate effect. |
cache/purgeByTag | Purge cached assets by cache tag. Accepts a JSON array of tag strings. Requires Cloudflare Enterprise. |
cache/purgeAll | Purge the entire Cloudflare cache for a zone. Equivalent to zone/purgeAll; provided as a convenience under the cache resource. |
Key Use Cases
- DNS automation: Dynamically update A records during blue/green deployments or container scale-out. Create records programmatically when provisioning new tenants.
- CDN cache management: Purge specific pages or assets immediately after a content deployment so users see the latest version without waiting for TTL expiry.
- SSL management: Enforce strict SSL mode across all zones as part of a security compliance workflow. Monitor certificate status and trigger alerts.
- Deployment automation: Chain DNS record updates, cache purges, and SSL checks into a single post-deploy workflow that runs automatically on every release.
- BIND migration: Import existing DNS configurations via BIND zone file format when onboarding new domains to Cloudflare.
Authentication
API Token required — not email + global key: This node authenticates exclusively via a scoped Cloudflare API Token. Generate tokens in the Cloudflare dashboard under My Profile → API Tokens. Create a token with only the permissions your workflow needs (e.g.
Zone:DNS:Edit and Zone:Cache Purge). Never use the unrestricted Global API Key in automated workflows.
In This Guide
Configuration
Complete property reference for all 22 operations across zone, dns, ssl, and cache resources.
Input & Output
DNS record object schema, zone object schema, output ports, and Cloudflare error codes.
Examples
Five real-world examples: dynamic DNS update, cache purge on deploy, SSL enforcement, BIND import, and zero-downtime DNS switch.