cloudflare · maxvp · Aug 15, 2025 · Aug 15, 2025 · Aug 15, 2025 · Aug 15, 2025
@@ -5,7 +5,13 @@ sidebar:
   order: 1
 ---
 
-import { Details, GlossaryDefinition, TabItem, Tabs } from "~/components";
+import {
+	Details,
+	GlossaryDefinition,
+	TabItem,
+	Tabs,
+	APIRequest,
+} from "~/components";
 
 :::note
 Only available on Enterprise plans.
@@ -40,7 +46,6 @@ All devices you add to the proxy endpoint will be able to access your Cloudflare
 3. Give your endpoint any name.
 
 4. Enter the public source IP address of your device(s) in CIDR notation. For example:
-
    - **IPv4**: `192.0.2.0/8`
    - **IPv6**: `2001:0db8:0000:0000:0000:1234:5678:0000/109`
 
@@ -62,15 +67,16 @@ https://<SUBDOMAIN>.proxy.cloudflare-gateway.com
 
 1. [Create a proxy endpoint](/api/resources/zero_trust/subresources/gateway/subresources/proxy_endpoints/methods/create/) with the following call:
 
-   ```bash
-   curl https://api.cloudflare.com/client/v4/accounts/<ACCOUNT_ID>/gateway/proxy_endpoints \
-   --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
-   --header "Content-Type: application/json" \
-   --data '{"name": "any_name", "ips": ["<PUBLIC_IP>", "<PUBLIC_IP2>", "<PUBLIC_IP3>"]}'
-   ```
+   <APIRequest
+   	path="/accounts/{account_id}/gateway/proxy_endpoints"
+   	method="POST"
+   	json={{
+   		name: "any_name",
+   		ips: ["<PUBLIC_IP>", "<PUBLIC_IP2>", "<PUBLIC_IP3>"],
+   	}}
+   />
 
    Replace `<PUBLIC_IP>` with the source IP address of your device in CIDR notation. For example:
-
    - **IPv4**: `192.0.2.0/8`
    - **IPv6**: `2001:0db8:0000:0000:0000:1234:5678:0000/32`
 
@@ -210,10 +216,10 @@ To get the domain of a proxy endpoint:
 
 1. Use the [List proxy endpoints](/api/resources/zero_trust/subresources/gateway/subresources/proxy_endpoints/methods/list/) operation to get a list of your proxy endpoints and their details. For example:
 
-   ```bash
-   curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/proxy_endpoints \
-   --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN"
-   ```
+   <APIRequest
+   	path="/accounts/{account_id}/gateway/proxy_endpoints"
+   	method="GET"
+   />
 
    ```json {8} output
    {

@@ -8,7 +8,7 @@ description: Configure WARP to use a custom root certificate instead of the
   Cloudflare certificate.
 ---
 
-import { Render, Tabs, TabItem } from "~/components";
+import { Render, Tabs, TabItem, APIRequest } from "~/components";
 
 :::note
 Only available on Enterprise plans.
@@ -82,11 +82,10 @@ openssl x509 -in <CUSTOM-ROOT-CERT>.pem -text
 
 2. Set the certificate as available for use in inspection with the [Activate a Zero Trust certificate endpoint](/api/resources/zero_trust/subresources/gateway/subresources/certificates/methods/activate/). This will deploy the certificate across the Cloudflare global network.
 
-   ```sh
-   curl --request POST \
-   "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/certificates/$CERTIFICATE_ID/activate" \
-   --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN"
-   ```
+   <APIRequest
+   	path="/accounts/{account_id}/gateway/certificates/{certificate_id}/activate"
+   	method="POST"
+   />
 
    The response will return the certificate and a `pending_deployment` binding status. For example:
 
@@ -114,10 +113,10 @@ openssl x509 -in <CUSTOM-ROOT-CERT>.pem -text
 
 3. Use the [Get Zero Trust certificate details endpoint](/api/resources/zero_trust/subresources/gateway/subresources/certificates/methods/get/) to verify the certificate's binding status is set to `available`.
 
-   ```sh
-   curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/certificates/$CERTIFICATE_ID \
-   --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN"
-   ```
+   <APIRequest
+   	path="/accounts/{account_id}/gateway/certificates/{certificate_id}"
+   	method="GET"
+   />
 
    ```json {12}
    {
@@ -145,20 +144,18 @@ openssl x509 -in <CUSTOM-ROOT-CERT>.pem -text
 
 5. Use the [Patch Zero Trust account configuration endpoint](/api/resources/zero_trust/subresources/gateway/subresources/configurations/methods/edit/) to turn on the certificate for use in inspection. For example:
 
-   ```sh {9}
-   curl --request PATCH \
-   "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/configuration" \
-   --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
-   --header "Content-Type: application/json" \
-   --data '{
-   	"settings": {
-   		"certificate": {
-   			"id": "$CERTIFICATE_ID",
-        "in_use": true
-   		}
-   	}
-   }'
-   ```
+<APIRequest
+	path="/accounts/{account_id}/gateway/configuration"
+	method="PATCH"
+	json={{
+		settings: {
+			certificate: {
+				id: "{certificate_id}",
+				in_use: true,
+			},
+		},
+	}}
+/>
 
 Once `in-use` is set to `true`, Gateway will sign your traffic using the custom root certificate and private key. If you turn off or deactivate the custom certificate, Gateway will revert to the next available Cloudflare certificate generated for your Zero Trust account.
 

@@ -5,7 +5,7 @@ sidebar:
   order: 2
 ---
 
-import { Tabs, TabItem } from "~/components";
+import { Tabs, TabItem, APIRequest } from "~/components";
 
 Advanced security features such as [HTTPS traffic inspection](/cloudflare-one/policies/gateway/http-policies/tls-decryption/), [Data Loss Prevention](/cloudflare-one/policies/data-loss-prevention/), [anti-virus scanning](/cloudflare-one/policies/gateway/http-policies/antivirus-scanning/), [Access for Infrastructure](/cloudflare-one/applications/non-http/infrastructure-apps/), and [Browser Isolation](/cloudflare-one/policies/browser-isolation/) require users to install and trust a root certificate on their device. You can either install the certificate provided by Cloudflare (default option), or generate your own custom certificate and upload it to Cloudflare.
 
@@ -46,11 +46,7 @@ To generate a new Cloudflare root certificate for your Zero Trust organization:
 
 Send a `POST` request to the [Create Zero Trust certificate](/api/resources/zero_trust/subresources/gateway/subresources/certificates/methods/create/) endpoint.
 
-```sh
-curl --request POST \
-https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/certificates \
---header "Authorization: Bearer $CLOUDFLARE_API_TOKEN"
-```
+<APIRequest path="/accounts/{account_id}/gateway/certificates" method="POST" />
 
 The API will respond with the ID and contents of the new certificate.
 
@@ -83,11 +79,10 @@ To activate your root certificate:
 
 Send a `POST` request to the [Activate a Zero Trust certificate](/api/resources/zero_trust/subresources/gateway/subresources/certificates/methods/activate/) endpoint.
 
-```sh
-curl --request POST \
-https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/certificates/$CERTIFICATE_ID/activate \
---header "Authorization: Bearer $CLOUDFLARE_API_TOKEN"
-```
+<APIRequest
+	path="/accounts/{account_id}/gateway/certificates/{certificate_id}/activate"
+	method="POST"
+/>
 
 </TabItem> </Tabs>
 
@@ -108,20 +103,18 @@ Once you deploy and install your certificate, you can turn it on for use in insp
 
 Send a `PUT` request to the [Update Zero Trust account configuration](/api/resources/zero_trust/subresources/gateway/subresources/configurations/methods/update/) endpoint. For example:
 
-```sh
-curl --request PUT \
-"https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/configuration" \
---header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
---header "Content-Type: application/json" \
---data '{
-  "settings": {
-    "certificate": {
-      "id": "$CERTIFICATE_ID",
-      "in_use": true
-    }
-  }
-}'
-```
+<APIRequest
+	path="/accounts/{account_id}/gateway/configuration"
+	method="PUT"
+	json={{
+		settings: {
+			certificate: {
+				id: "{certificate_id}",
+				in_use: true,
+			},
+		},
+	}}
+/>
 
 </TabItem> </Tabs>