Update implementation guides

Author: maxvp

src/content/docs/learning-paths/replace-vpn/build-policies/create-policy.mdx

@@ -38,9 +38,8 @@ To create a new policy, open [Zero Trust](https://one.dash.cloudflare.com/) and
 <TabItem label="API">
 
 ```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "name": "Company Wiki DNS policy",
@@ -101,9 +100,8 @@ curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
 <TabItem label="API">
 
 ```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "name": "Company Wiki network policy",
@@ -159,9 +157,8 @@ We recommend adding a catch-all policy to the bottom of your network policy list
 <TabItem label="API">
 
 ```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "name": "Catch-all block policy",

src/content/docs/learning-paths/secure-internet-traffic/build-dns-policies/create-list.mdx

@@ -28,7 +28,7 @@ The following DNS policy will allow access to all approved corporate domains inc
 <TabItem label="API">
 
 ```sh
-curl  https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
+curl  https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
   --header 'Content-Type: application/json' \
   --header "Authorization: Bearer <API_TOKEN>" \
 	--data '{

src/content/docs/learning-paths/secure-internet-traffic/build-dns-policies/create-policy.mdx

@@ -37,7 +37,7 @@ For more information, refer to [DNS policies](/cloudflare-one/policies/gateway/d
 To create a new DNS policy using cURL:
 
 ```sh
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
   --header 'Content-Type: application/json' \
   --header "Authorization: Bearer <API_TOKEN>" \
 	--data '{

src/content/docs/learning-paths/secure-internet-traffic/build-egress-policies/deploy-egress-ips.mdx

@@ -42,7 +42,7 @@ We recommend building baseline egress policies that can cover a majority of your
 <TabItem label="API">
 
 ```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
 --header "Authorization: Bearer <API_TOKEN>" \
 --header "Content-Type: application/json" \
 --data '{

src/content/docs/learning-paths/secure-internet-traffic/build-http-policies/browser-isolation.mdx

@@ -48,9 +48,8 @@ You can control potential risk and shape user behavior without applying heavy-ha
 </TabItem> <TabItem label="API">
 
 ```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "action": "isolate",
@@ -117,9 +116,8 @@ In this context, if some traffic is unknown to your organization, Cloudflare wil
 </TabItem> <TabItem label="API">
 
 ```bash title="Allow known applications and websites"
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "action": "isolate",
@@ -142,9 +140,8 @@ curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
 ```
 
 ```bash title="Block security risks"
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "action": "isolate",
@@ -167,9 +164,8 @@ curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
 ```
 
 ```bash title="Isolate all other traffic"
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "action": "isolate",

src/content/docs/learning-paths/secure-internet-traffic/build-http-policies/data-loss-prevention.mdx

@@ -46,9 +46,8 @@ To help this better match the needs of your organization, you can also build a c
 </TabItem> <TabItem label="API">
 
 ```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "action": "block",
@@ -98,9 +97,8 @@ For example, you can use a custom expression to detect when your users share pro
 <TabItem label="API">
 
 ```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "action": "block",
@@ -158,7 +156,7 @@ Many organizations want to detect and log financial information egressing from u
 <TabItem label="API">
 
 ```bash title="Block financial information shared with AI"
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
 --header "Authorization: Bearer <API_TOKEN>" \
 --header "Content-Type: application/json" \
 --data '{

src/content/docs/learning-paths/secure-internet-traffic/build-http-policies/tls-inspection.mdx

@@ -77,7 +77,7 @@ For example, if users are issued a corporate-managed iPhone with limited permiss
 1. Create a list of device serial numbers that you do not want to inspect.
 
    ```bash
-   curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/lists \
+   curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/lists \
    --header "X-Auth-Email: <EMAIL>" \
    --header "X-Auth-Key: <API_KEY>" \
    --header "Content-Type: application/json" \
@@ -96,7 +96,7 @@ For example, if users are issued a corporate-managed iPhone with limited permiss
 2. Create a Do Not Inspect policy that checks the device against the list of serial numbers.
 
    ```bash
-   curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
+   curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
    --header "X-Auth-Email: <EMAIL>" \
    --header "X-Auth-Key: <API_KEY>" \
    --header "Content-Type: application/json" \
@@ -141,9 +141,8 @@ If you filter your network-connected devices with Magic WAN tunnels, the WARP Co
 </TabItem> <TabItem label="API">
 
 ```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "name": "Do not inspect corporate devices",

src/content/docs/learning-paths/zero-trust-web-access/advanced-workflows/isolate-application.mdx

@@ -67,9 +67,8 @@ with HTTP policies applied"]
 <TabItem label="API">
 
 ```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/access/apps/{app_uuid}/policies \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/apps/$APP_UUID/policies \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "decision": "allow",
@@ -114,9 +113,8 @@ To create a list of serial numbers, refer to [Create Zero Trust list](/api/resou
 <TabItem label="API">
 
 ```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/access/apps/{app_uuid}/policies \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/apps/$APP_UUID/policies \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "decision": "allow",
@@ -164,9 +162,8 @@ Prevents users on unmanaged devices from downloading any files from your private
 <TabItem label="API">
 
 ```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "name": "Disable file downloads in isolated browser",
@@ -250,9 +247,8 @@ Block users on unmanaged devices from downloading files that contain credit card
 <TabItem label="API">
 
 ```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/gateway/rules \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "name": "Block credit card numbers",

src/content/partials/learning-paths/zero-trust/device-profiles.mdx

@@ -48,9 +48,8 @@ To customize the default settings:
 
 ```bash
 curl --request PATCH \
-https://api.cloudflare.com/client/v4/accounts/{account_id}/devices/policy \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/devices/policy \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "allow_mode_switch": false,
@@ -72,9 +71,8 @@ https://api.cloudflare.com/client/v4/accounts/{account_id}/devices/policy \
 
 ```bash
 curl --request PUT \
-https://api.cloudflare.com/client/v4/accounts/{account_id}/devices/settings \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/devices/settings \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "disable_for_time": 3600,