Adding a domain to the allowed origin list in bulk

Hi all,

We have ~60,000 videos with an allowed origin list that are now being accessed by a new domain. Is there any way we can update the allowed origin list in bulk (or via the API) without needing to edit each videos attributes manually in the Cloudflare web client?

I was not able to find this detailed in the API docs, but you can modify properties, including allowedOrigins and requireSignedURLs, using the API. I just tested this now and can confirm.

Use the GET Video details API reference as your starting point. Switch it from GET to POST and now you’re not just reading properties, you’re able to set properties.

You specify your properties within POST data, or the --data argument (in this curl example). See below where I specify the domain mydomain.com and all subdomains with *.mydomain.com. I also set the video to requireSignedURLs.

curl -X POST "https://api.cloudflare.com/client/v4/accounts/023e105f4ecef8ad9ca31a8372d0c353/stream/ea95132c15732412d22c1476fa83f27a" \
     -H "X-Auth-Email: [email protected]" \
     -H "X-Auth-Key: c2547eb745079dac9320b638f5e225cf483cc5cfdda41" \
     -H "Content-Type: application/json"
     --data '{"allowedOrigins":["mydomain.com", "*.mydomain.com"], "requireSignedURLs":true}'

I’ve played with this a bit more, to make a batch job of it from the Linux CLI.

Here’s the full command structure, that can be run as a single command from the Linux CLI. This depends on:

  • curl
  • xargs (builds commands from standard input)
  • jq (CLI JSON processor)

I suspect jq is probably the only one that’s not typically bundled with a Linux distro.

curl -X GET "https://api.cloudflare.com/client/v4/accounts/023e105f4ecef8ad9ca31a8372d0c353/stream" \
    -H "X-Auth-Email: [email protected]" \
    -H "X-Auth-Key: c2547eb745079dac9320b638f5e225cf483cc5cfdda41" \
    -H "Content-Type: application/json" | \
    jq -r '.result[].uid' | \
    xargs -I% -P 0 \
    curl -X POST "https://api.cloudflare.com/client/v4/accounts/023e105f4ecef8ad9ca31a8372d0c353/stream/%" \
        -H "X-Auth-Email: [email protected]" \
        -H "X-Auth-Key: c2547eb745079dac9320b638f5e225cf483cc5cfdda41" \
        -H "Content-Type: application/json" \
        --data '{"allowedOrigins":["mydomain.com", "*.mydomain.com"], "requireSignedURLs":true}'

Command breakdown:

  1. curl -X GET … get a list of all videos in your Cloudflare Stream account. Output is piped to jq.
  2. jq -r '.result[].uid' processes JSON data, pulling out UID properties, stripping quotations. Output is piped to xargs.
  3. xargs -I% -P 0 defines % as the replacement string to use within the proceeding command ( -I% ) and sets parallel processes to maximum possible ( -P 0 ).
  4. curl -X POST … sets the allowedOrigins and requireSignedURLs for the UID supplied to it dynamically by xargs.
1 Like

Thank you!

I shouldn’t known to experiment with API to see if there was a POST/PATCH option on the video.

I was able to update all of them. Thanks for your help.

1 Like