APIs.io Engineering Platform · Schema
tunnel_originRequest
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
APIs.ioEngineeringPlatform
Properties
| Name | Type | Description |
|---|---|---|
| access | object | For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header. |
| caPool | string | Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare. |
| connectTimeout | integer | Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout. |
| disableChunkedEncoding | boolean | Disables chunked transfer encoding. Useful if you are running a WSGI server. |
| http2Origin | boolean | Attempt to connect to origin using HTTP2. Origin must be configured as https. |
| httpHostHeader | string | Sets the HTTP Host header on requests sent to the local service. |
| keepAliveConnections | integer | Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections. |
| keepAliveTimeout | integer | Timeout after which an idle keepalive connection can be discarded. |
| noHappyEyeballs | boolean | Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols. |
| noTLSVerify | boolean | Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted. |
| originServerName | string | Hostname that cloudflared should expect from your origin server certificate. |
| proxyType | string | cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular p |
| tcpKeepAlive | integer | The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server. |
| tlsTimeout | integer | Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/tunnel_originRequest",
"title": "tunnel_originRequest",
"description": "Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.",
"properties": {
"access": {
"description": "For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.",
"properties": {
"audTag": {
"description": "Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.",
"items": {
"type": "string"
},
"type": "array"
},
"required": {
"default": false,
"description": "Deny traffic that has not fulfilled Access authorization.",
"type": "boolean"
},
"teamName": {
"default": "Your Zero Trust organization name.",
"type": "string"
}
},
"required": [
"audTag",
"teamName"
],
"type": "object"
},
"caPool": {
"default": "",
"description": "Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.",
"type": "string"
},
"connectTimeout": {
"default": 10,
"description": "Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.",
"type": "integer"
},
"disableChunkedEncoding": {
"description": "Disables chunked transfer encoding. Useful if you are running a WSGI server.",
"type": "boolean"
},
"http2Origin": {
"description": "Attempt to connect to origin using HTTP2. Origin must be configured as https.",
"type": "boolean"
},
"httpHostHeader": {
"description": "Sets the HTTP Host header on requests sent to the local service.",
"type": "string"
},
"keepAliveConnections": {
"default": 100,
"description": "Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.",
"type": "integer"
},
"keepAliveTimeout": {
"default": 90,
"description": "Timeout after which an idle keepalive connection can be discarded.",
"type": "integer"
},
"noHappyEyeballs": {
"default": false,
"description": "Disable the \u201chappy eyeballs\u201d algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.",
"type": "boolean"
},
"noTLSVerify": {
"default": false,
"description": "Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.",
"type": "boolean"
},
"originServerName": {
"default": "",
"description": "Hostname that cloudflared should expect from your origin server certificate.",
"type": "string"
},
"proxyType": {
"default": "",
"description": "cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: \"\" for the regular proxy and \"socks\" for a SOCKS5 proxy.\n",
"type": "string"
},
"tcpKeepAlive": {
"default": 30,
"description": "The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.",
"type": "integer"
},
"tlsTimeout": {
"default": 10,
"description": "Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.",
"type": "integer"
}
},
"type": "object"
}