[Analytics] Adds footnote about API token and key. (#18036)

* Adds note about API token and key.

* Corrections after review.

* Changes after review.

Author: angelampcosta

src/content/docs/analytics/graphql-api/tutorials/end-customer-analytics.mdx

@@ -8,7 +8,7 @@ title: Querying HTTP events by hostname with GraphQL
 
 In this example, we are going to use the GraphQL Analytics API to query aggregated metrics about HTTP events by hostname over a specific period of time.
 
-The following API call will request the number of visits and edge response bytes for the custom hostname `hostname.example.com` over a four day period. Be sure to replace `CLOUDFLARE_ZONE_ID` AND `API_TOKEN` with your zone ID and API credentials, and adjust the `datetime_geq` and `datetime_leq` values as needed.
+The following API call will request the number of visits and edge response bytes for the custom hostname `hostname.example.com` over a four day period. Be sure to replace `CLOUDFLARE_ZONE_TAG` and `API_TOKEN`[^1] with your zone ID and API credentials, and adjust the `datetime_geq` and `datetime_leq` values as needed.
 
 ### API Call
 
@@ -30,7 +30,7 @@ echo '{ "query":
     }
   }",
   "variables": {
-    "zoneTag": "<CLOUDFLARE_ZONE_ID>",
+    "zoneTag": "<CLOUDFLARE_ZONE_TAG>",
     "filter": {
       "datetime_geq": "2022-07-20T11:00:00Z",
       "datetime_lt": "2022-07-24T12:00:00Z",
@@ -191,3 +191,5 @@ https://api.cloudflare.com/client/v4/graphql \
   }
 }' | jq -r 'try .data.viewer.zones[].topPaths[] | "\"\(.dimensions.metric)\": \(.sum.edgeResponseBytes)"' | sort
 ```
+
+[^1]: Refer to [Configure an Analytics API token](/analytics/graphql-api/getting-started/authentication/api-token-auth/) for more information on configuration and permissions.

src/content/docs/analytics/graphql-api/tutorials/querying-access-login-events.mdx

@@ -8,9 +8,8 @@ In this example, we are going to use the GraphQL Analytics API to retrieve logs
 
 The following API call will request logs for a single Access login event and output the requested fields. The authentication request is identified by its **Ray ID**, which you can obtain from the `403` Forbidden page shown to the user.
 
-You will need to insert your API credentials in `<EMAIL>` and `<API_KEY>` and substitute your own values for the following variables:
+You will need to insert your `<CLOUDFLARE_ACCOUNT_TAG>`, your API credentials in `<API_TOKEN>`[^1], and substitute your own values for the following variables:
 
-* `accountTag`: Your Cloudflare account ID.
 * `rayID`: A unique identifier assigned to the authentication request.
 * `datetimeStart`: The earliest event time to query (no earlier than September 16, 2022).
 * `datetimeEnd`: The latest event time to query. Be sure to specify a time range that includes the login event you are querying.
@@ -46,7 +45,7 @@ echo '{ "query":
     }
   }",
   "variables": {
-    "accountTag": "699d98642c564d2e855e9661899b7252",
+    "accountTag": "<CLOUDFLARE_ACCOUNT_TAG>",
     "rayId": "74e4ac510dfdc44f",
     "datetimeStart": "2022-09-20T14:36:38Z",
     "datetimeEnd": "2022-09-22T14:36:38Z"
@@ -103,3 +102,5 @@ Rather than filter by `cfRayId`, you may also [filter](/analytics/graphql-api/fe
 ```
 
 You can compare the query results to your Access policies to understand why a user was blocked. For example, if your application requires a valid mTLS certificate, Access blocked the request shown above because `mtlsStatus`, `mtlsCommonName`, and `mtlsCertSerialId` are empty.
+
+[^1]: Refer to [Configure an Analytics API token](/analytics/graphql-api/getting-started/authentication/api-token-auth/) for more information on configuration and permissions.

src/content/docs/analytics/graphql-api/tutorials/querying-firewall-events.mdx

@@ -6,7 +6,7 @@ title: Querying Firewall Events with GraphQL
 
 In this example, we are going to use the GraphQL Analytics API to query for Firewall Events over a specified time period.
 
-The following API call will request Firewall Events over a one hour period, and output the requested fields. Be sure to replace `<CLOUDFLARE_ZONE_ID>`, `<EMAIL>`, and `<API_KEY>` with your zone tag and API credentials, and adjust the `datetime_geg` and `datetime_leq` values to your liking.
+The following API call will request Firewall Events over a one hour period, and output the requested fields. Be sure to replace `<CLOUDFLARE_ZONE_TAG>`, `<EMAIL>`, and `<API_TOKEN>`[^1] with your zone tag and API credentials, and adjust the `datetime_geg` and `datetime_leq` values to your liking.
 
 ## API Call
 
@@ -34,7 +34,7 @@ echo '{ "query":
     }
   }",
   "variables": {
-    "zoneTag": "<CLOUDFLARE_ZONE_ID>",
+    "zoneTag": "<CLOUDFLARE_ZONE_TAG>",
     "filter": {
       "datetime_geq": "2022-07-24T11:00:00Z",
       "datetime_leq": "2022-07-24T12:00:00Z"
@@ -182,3 +182,5 @@ https://api.cloudflare.com/client/v4/graphql \
 #=>   "errors": null
 #=> }
 ```
+
+[^1]: Refer to [Configure an Analytics API token](/analytics/graphql-api/getting-started/authentication/api-token-auth/) for more information on configuration and permissions.

src/content/docs/analytics/graphql-api/tutorials/querying-magic-firewall-ids-samples.mdx

@@ -6,7 +6,7 @@ title: Querying Magic Firewall Intrusion Detection System (IDS) samples with Gra
 
 In this example, we are going to use the GraphQL Analytics API to query for IDS samples over a specified time period.
 
-The following API call will request IDS samples over a one hour period, and output the requested fields. Be sure to replace `<CLOUDFLARE_ACCOUNT_ID>`, `<EMAIL>`, and `<API_KEY>` with your account tag and API credentials, and adjust the `datetime_geg` and `datetime_leq` values to your liking.
+The following API call will request IDS samples over a one hour period, and output the requested fields. Be sure to replace `<CLOUDFLARE_ACCOUNT_TAG>` and `<API_TOKEN>`[^1] with your account tag and API credentials, and adjust the `datetime_geg` and `datetime_leq` values to your liking.
 
 ## API Call
 
@@ -31,7 +31,7 @@ echo '{ "query":
     }
   }",
   "variables": {
-    "accountTag": "<CLOUDFLARE_ACCOUNT_ID>",
+    "accountTag": "<CLOUDFLARE_ACCOUNT_TAG>",
     "filter": {
       "datetime_geq": "2023-06-20T11:00:00.000Z",
       "datetime_leq": "2023-06-20T12:00:00.000Z",
@@ -101,3 +101,5 @@ https://api.cloudflare.com/client/v4/graphql \
 #=>   "errors": null
 #=> }
 ```
+
+[^1]: Refer to [Configure an Analytics API token](/analytics/graphql-api/getting-started/authentication/api-token-auth/) for more information on configuration and permissions.

src/content/docs/analytics/graphql-api/tutorials/querying-magic-firewall-samples.mdx

@@ -6,7 +6,7 @@ title: Querying Magic Firewall Samples with GraphQL
 
 In this example, we are going to use the GraphQL Analytics API to query for Magic Firewall Samples over a specified time period.
 
-The following API call will request Magic Firewall Samples over a one hour period, and output the requested fields. Be sure to replace `<CLOUDFLARE_ACCOUNT_ID>`, `<EMAIL>`, and `<API_KEY>` with your zone tag and API credentials, and adjust the `datetime_geg` and `datetime_leq` values to your liking.
+The following API call will request Magic Firewall Samples over a one hour period, and output the requested fields. Be sure to replace `<CLOUDFLARE_ACCOUNT_TAG>` and `<API_TOKEN>`[^1] with your zone tag and API credentials, and adjust the `datetime_geg` and `datetime_leq` values to your liking.
 
 ## API Call
 
@@ -33,7 +33,7 @@ echo '{ "query":
     }
   }",
   "variables": {
-    "accountTag": "<CLOUDFLARE_ACCOUNT_ID>",
+    "accountTag": "<CLOUDFLARE_ACCOUNT_TAG>",
     "filter": {
       "datetime_geq": "2022-07-24T11:00:00Z",
       "datetime_leq": "2022-07-24T11:10:00Z"
@@ -106,3 +106,5 @@ https://api.cloudflare.com/client/v4/graphql \
 #=>   "errors": null
 #=> }
 ```
+
+[^1]: Refer to [Configure an Analytics API token](/analytics/graphql-api/getting-started/authentication/api-token-auth/) for more information on configuration and permissions.

src/content/docs/analytics/graphql-api/tutorials/querying-workers-metrics.mdx

@@ -8,7 +8,7 @@ products:
 
 In this example, we are going to use the GraphQL Analytics API to query for Workers Metrics over a specified time period. We can query up to one month of data for dates up to three months ago.
 
-The following API call will request a Worker script's metrics over a one day period, and output the requested fields. Be sure to replace `<CLOUDFLARE_ACCOUNT_ID>`, `<EMAIL>`, and `<API_KEY>` with your API credentials, and adjust the `datetimeStart`, `datetimeEnd`, and `scriptName` variables as needed.
+The following API call will request a Worker script's metrics over a one day period, and output the requested fields. Be sure to replace `<CLOUDFLARE_ACCOUNT_TAG>` and `<API_TOKEN>`[^1] with your API credentials, and adjust the `datetimeStart`, `datetimeEnd`, and `scriptName` variables as needed.
 
 ## API Call
 
@@ -41,7 +41,7 @@ echo '{ "query":
     }
   }",
   "variables": {
-    "accountTag": "<CLOUDFLARE_ACCOUNT_ID>",
+    "accountTag": "<CLOUDFLARE_ACCOUNT_TAG>",
     "datetimeStart": "2022-08-04T00:00:00.000Z",
     "datetimeEnd": "2022-08-04T01:00:00.000Z",
     "scriptName": "worker-subrequest-test-client"
@@ -126,3 +126,5 @@ https://api.cloudflare.com/client/v4/graphql \
 #=>   "errors": null
 #=> }
 ```
+
+[^1]: Refer to [Configure an Analytics API token](/analytics/graphql-api/getting-started/authentication/api-token-auth/) for more information on configuration and permissions.

src/content/partials/magic-transit/graphql/query-magic-transit-bandwidth-graphql.mdx

@@ -7,7 +7,7 @@ import { Markdown } from "~/components";
 
 In this example, you are going to use the GraphQL Analytics API to query {props.productName} ingress tunnel traffic over a specified time period.
 
-The following API call will request {props.productName} ingress tunnel traffic over a one-hour period and output the requested fields. Be sure to replace `<CLOUDFLARE_ACCOUNT_ID>` with your account ID, `<EMAIL>`, `<API_KEY>`, and `<API_TOKEN>` with your API credentials, and adjust the `datetime_geq` and `datetime_leq` values as needed.
+The following API call will request {props.productName} ingress tunnel traffic over a one-hour period and output the requested fields. Be sure to replace `<CLOUDFLARE_ACCOUNT_TAG>` with your account ID, `<EMAIL>`, `<API_KEY>`[^1] (legacy) or `<API_TOKEN>`[^2] (preferred method) with your API credentials, and adjust the `datetime_geq` and `datetime_leq` values as needed.
 
 The following example queries for ingress traffic. To query for egress, change the value in the direction filter.
 
@@ -38,7 +38,7 @@ PAYLOAD='{ "query":
       }
   }",
     "variables": {
-      "accountTag": "<CLOUDFLARE_ACCOUNT_ID>",
+      "accountTag": "<CLOUDFLARE_ACCOUNT_TAG>",
       "direction": "ingress",
       "datetimeStart": "2022-05-04T11:00:00.000Z",
       "datetimeEnd": "2022-05-04T12:00:00.000Z"
@@ -102,3 +102,6 @@ curl https://api.cloudflare.com/client/v4/graphql \
 #=>   "errors": null
 #=> }
 ```
+
+[^1]: Refer to [Authenticate with a Cloudflare API key](/analytics/graphql-api/getting-started/authentication/api-key-auth/) for more information.
+[^2]: Refer to [Configure an Analytics API token](/analytics/graphql-api/getting-started/authentication/api-token-auth/) for more information on configuration and permissions.

src/content/partials/magic-transit/graphql/query-magic-transit-health-checks.mdx

@@ -7,7 +7,7 @@ import { Markdown } from "~/components";
 
 In this example, you are going to use the GraphQL Analytics API to query {props.productName} health check results which are aggregated from individual health checks carried out by Cloudflare servers to Generic Routing Encapsulation (GRE) tunnels you have set up to work with {props.productName} during the onboarding process. You can query up to one week of data for dates up to three months ago.
 
-The following API call will request a particular account's tunnel health checks over a one day period for a particular Cloudflare data center, and outputs the requested fields. Be sure to replace `<CLOUDFLARE_ACCOUNT_ID>`, `<EMAIL>`, and `<API_KEY>` with your API credentials, and adjust the `datetimeStart`, `datetimeEnd` variables as needed.
+The following API call will request a particular account's tunnel health checks over a one day period for a particular Cloudflare data center, and outputs the requested fields. Be sure to replace `<CLOUDFLARE_ACCOUNT_TAG>` and `<API_TOKEN>`[^1] with your API credentials, and adjust the `datetimeStart`, `datetimeEnd` variables as needed.
 
 It will return the tunnel health check results by Cloudflare data center. The result for each data center is aggregated from the healthchecks conducted on individual servers. The tunnel state field in the value represents the state of the tunnel. These states are used by {props.productName} for routing. The value `0` for the tunnel state represents it being down, the value `0.5` being degraded and the value `1` as healthy.
 
@@ -37,7 +37,7 @@ echo '{ "query":
     }
   }",
   "variables": {
-    "accountTag": "<CLOUDFLARE_ACCOUNT_ID>",
+    "accountTag": "<CLOUDFLARE_ACCOUNT_TAG>",
     "datetimeStart": "2022-08-04T00:00:00.000Z",
     "datetimeEnd": "2022-08-04T01:00:00.000Z"
   }
@@ -96,3 +96,5 @@ https://api.cloudflare.com/client/v4/graphql \
 #=>   "errors": null
 #=> }
 ```
+
+[^1]: Refer to [Configure an Analytics API token](/analytics/graphql-api/getting-started/authentication/api-token-auth/) for more information on configuration and permissions.