5.5.0 (2026-07-10)
Full Changelog: v5.4.0...v5.5.0
Breaking Changes
- ssl: The
recommendationssub-resource has been removed.client.ssl.recommendations.get()and theRecommendationGetResponsetype are no longer available. - email_routing: The
listmethod has been removed fromclient.email_routing.rules. Onlycreate,update,delete, andgetremain. TheRuleListParamstype has been removed. - zero_trust: The
UserPolicyCheckGeotype has been removed fromcloudflare.types.zero_trust.access.applications. The geo information is now inlined asUserIdentityGeowithinUserPolicyCheckListResponse. - zero_trust: The pagination type for
client.zero_trust.devices.ip_profiles.list()changed fromSyncSinglePagetoSyncV4PagePaginationArray. Code that relied on single-page iteration semantics may need adjustment. - aisearch: The
SourceParamsWebCrawlerStoreOptionstype and thestore_optionsfield onSourceParamsWebCrawlerhave been removed from instance create/update params and responses. Theparse_typeenum value"feed-rss"has been removed (only"sitemap"and"crawl"remain). Thesearch_queryfield onInstanceSearchResponseandNamespaceSearchResponsechanged from requiredstrtoOptional[str]. A new requiredquery_kindfield (Literal["text", "image", "multimodal"]) has been added to search responses. - zero_trust: In
Organizationand related params,MfaSSHPivKeyRequirementshas been renamed toMfaPivKeyRequirements, themfa_ssh_piv_key_requirementsfield has been renamed tomfa_piv_key_requirements, and theallowed_authenticatorsenum value"ssh_piv_key"has been changed to"piv_key".
Features
- email_auth: add email_auth resource (43fb66a)
- moq: add moq resource (c409a18)
- logs: add log_explorer sub-resource with query, datasets, and available datasets (b8896ca)
- email_security: add bulk message operations to investigate (e96350d)
- aisearch: add multimodal support with image_url content parts and new
@cf/qwen/qwen3-vl-embedding-2bembedding model (de12426) - zero_trust: add Worker destination types (
WorkerDestination,PreviewWorkerDestination,AllWorkersDestination,AllPreviewWorkersDestination) to Access applications andeager_redirect_cookie_settingfield to self-hosted applications (de12426) - magic_transit: add
primaryandsite_idfields to connector create/edit params (de12426) - rulesets: add
Varycache settings withActionParametersVary,ActionParametersVaryDefault, andActionParametersVaryHeaderstypes (de12426) - cloudforce_one:
threat_events.datasets.list()now accepts optional params (de12426) - email_security: add
expected_dispositionparam toinvestigate.move.create()andinvestigate.move.bulk()(de12426) - email_routing: add
support_subaddressfield toSettingsresponse type (de12426) - zero_trust: add
max_ttl_secsfield toGatewayConfigurationSettingsand newMaxTTLtype to gatewayLocationfor DNS TTL cap control (de12426) - zero_trust: add
GlobalAccelerationtype to default and custom device policy settings (de12426) - accounts: add
categoryfield toPermissionGroupGetResponseandPermissionGroupListResponsefor account and user tokens (de12426)
New Resources
EmailAuth (client.email_auth)
DMARC report management and SPF inspection for email authentication.
DMARCReports (client.email_auth.dmarc_reports)
edit(*, zone_id, **params) -> Optional[DMARCReportEditResponse]get(*, zone_id) -> Optional[DMARCReportGetResponse]
New types:
from cloudflare.types.email_auth import DMARCReportEditResponse, DMARCReportGetResponseSPF Inspect (client.email_auth.spf.inspect)
get(*, zone_id, **params) -> Optional[InspectGetResponse]
New types:
from cloudflare.types.email_auth.spf import InspectGetResponseMoQ (client.moq)
Media over QUIC relay management.
Relays (client.moq.relays)
create(*, account_id, **params) -> Optional[RelayCreateResponse]update(relay_id, *, account_id, **params) -> Optional[RelayUpdateResponse]list(*, account_id, **params) -> SyncSinglePage[RelayListResponse]delete(relay_id, *, account_id) -> objectget(relay_id, *, account_id) -> Optional[RelayGetResponse]
New types:
from cloudflare.types.moq import (
RelayCreateResponse,
RelayUpdateResponse,
RelayListResponse,
RelayGetResponse,
)Tokens (client.moq.relays.tokens)
rotate(relay_id, *, account_id, **params) -> Optional[TokenRotateResponse]
New types:
from cloudflare.types.moq.relays import TokenRotateResponseLog Explorer (client.logs.log_explorer)
SQL-based log querying and dataset management.
Query (client.logs.log_explorer.query)
sql(body, *, account_id, zone_id, **params) -> SyncSinglePage[QuerySqlResponse]
New types:
from cloudflare.types.logs.log_explorer import QuerySqlResponseDatasets (client.logs.log_explorer.datasets)
create(*, account_id, zone_id, **params) -> Optional[Dataset]update(dataset_id, *, account_id, zone_id, **params) -> Optional[Dataset]list(*, account_id, zone_id, **params) -> SyncSinglePage[DatasetSummary]get(dataset_id, *, account_id, zone_id) -> Optional[Dataset]
Available (client.logs.log_explorer.datasets.available)
list(*, account_id, zone_id) -> SyncSinglePage[AvailableDataset]
New types:
from cloudflare.types.logs.log_explorer import (
Dataset,
DatasetSummary,
CreateRequest,
UpdateRequest,
)
from cloudflare.types.logs.log_explorer.datasets import AvailableDataset, AvailableListEmail Security Investigate Bulk (client.email_security.investigate.bulk)
Bulk message movement and quarantine release operations.
create(*, account_id, **params) -> BulkCreateResponselist(*, account_id, **params) -> SyncV4PagePaginationArray[BulkListResponse]delete(job_id, *, account_id) -> BulkDeleteResponseget(job_id, *, account_id) -> BulkGetResponse
Cancel (client.email_security.investigate.bulk.cancel)
create(job_id, *, account_id) -> CancelCreateResponse
Messages (client.email_security.investigate.bulk.messages)
list(job_id, *, account_id, **params) -> SyncV4PagePaginationArray[MessageListResponse]
New types:
from cloudflare.types.email_security.investigate import (
BulkCreateResponse,
BulkListResponse,
BulkDeleteResponse,
BulkGetResponse,
)
from cloudflare.types.email_security.investigate.bulk import (
CancelCreateResponse,
MessageListResponse,
)