Skip to content

Glossary

Review the definitions for terms used across Cloudflare's documentation.

Term Definition Product
Access group

A set of rules that can be configured once and then quickly applied across many Access applications.

Cloudflare One
account

Accounts group one or more members together with specific roles or permissions. Accounts can be associated with any number of domains.

Fundamentals
ACK (Acknowledge)

The final step in the TCP three-way handshake, confirming the establishment of a connection.

Spectrum
active zone

A DNS zone that is active on Cloudflare requires changing its nameservers to Cloudflare's for management.

DNS
address map

A data structure enabling customers with BYOIP prefixes or account-level static IPs to specify which IP addresses should be mapped to DNS records when they are proxied through Cloudflare.

BYOIP
alarm

A Durable Object alarm is a mechanism that allows you to schedule the Durable Object to be woken up at a time in the future.

Durable Objects
allowlist

An allowlist is a list of items (usually websites, IP addresses, email addresses, etc.) that are permitted to access a system.

WAF
anycast

Anycast is a network addressing and routing method in which incoming requests can be routed to a variety of different locations. Anycast typically routes incoming traffic to the nearest data center with the capacity to process the request efficiently.

Magic WAN
apex domain

Apex domain is used to refer to a domain that does not contain a subdomain part, such as example.com (without www.). It is also known as "root domain" or "naked domain".

DNS
API call

Also known as an API request. An API call is a message sent to a server asking an API to provide a service or information.

API Shield
API endpoint

The API endpoint is the location where API calls or requests are fulfilled. API Shield defines endpoints as a host, method, and path tuple.

API Shield
API key

An API key is unique to each Cloudflare user and used to confirm identity when using the Cloudflare API.

Fundamentals
API schema

The API schema defines which API requests are valid based on several request properties like target endpoint, path or query variable format, and HTTP method.

API Shield
API token

API tokens authorize access to specific Cloudflare dashboard pages, accounts, and zones. API tokens are associated to the user that created them.

Fundamentals
App Launcher

The App Launcher portal provides end users with a single dashboard to open applications secured by Cloudflare Zero Trust.

Cloudflare One
application

The resource protected by Cloudflare Zero Trust, which can be a subdomain, a path, or a SaaS application.

Cloudflare One
application token

A piece of data that grants a user access to a specific Access application for a period of time. Can be stored in a browser cookie or passed to the application in place of a normal password.

Cloudflare One
attack score

A number from 1 (likely malicious) to 99 (likely clean) classifying how likely an incoming request is malicious or not. Allows you to detect new attack techniques before they are publicly known.

WAF
attribute

Traffic that flows through Area 1 can receive one or more attributes, which indicate that a specific condition has been met.

Area 1
Authenticated Origin Pulls

Authenticated Origin Pulls allow origin web servers to validate that a web request came from Cloudflare using TLS client certificate authentication.

SSL/TLS
autonomous system numbers (ASNs)

A large network or group of networks that has a unified routing policy. Every computer or device that connects to the Internet is connected to an autonomous system.

BYOIP
View more terms