cloudflare · kodster28 · Jul 15, 2025 · Jul 15, 2025 · Jul 15, 2025 · Jul 15, 2025
@@ -1,14 +1,15 @@
 ---
 title: Eliminate long-lived credentials and enhance SSH security with Cloudflare Access for Infrastructure
 description: Use short-lived SSH certificates and fine-grained policy to secure access to your SSH servers.
-date: 2024-10-01T6:00:00Z
+date: 2024-10-01
 ---
 
 Organizations can now eliminate long-lived credentials from their SSH setup and enable strong multi-factor authentication for SSH access, similar to other Access applications, all while generating access and command logs.
 
 SSH with [Access for Infrastructure](/cloudflare-one/applications/non-http/infrastructure-apps/) uses short-lived SSH certificates from Cloudflare, eliminating SSH key management and reducing the security risks associated with lost or stolen keys. It also leverages a common deployment model for Cloudflare One customers: [WARP-to-Tunnel](/cloudflare-one/connections/connect-networks/use-cases/ssh/ssh-warp-to-tunnel/).
 
 SSH with Access for Infrastructure enables you to:
+
 - **Author fine-grained policy** to control who may access your SSH servers, including specific ports, protocols, and SSH users.
 - **Monitor infrastructure access** with Access and SSH command logs, supporting regulatory compliance and providing visibility in case of security breach.
 - **Preserve your end users' workflows.** SSH with Access for Infrastructure supports native SSH clients and does not require any modifications to users’ SSH configs.

@@ -1,7 +1,7 @@
 ---
 title: Export SSH command logs with Access for Infrastructure using Logpush
 description: Easily configure automatic export of SSH command logs to third-party storage destinations or to security information and event management (SIEM) tools.
-date: 2025-01-15T6:00:00Z
+date: 2025-01-15
 ---
 
 :::note[Availability]

@@ -1,7 +1,7 @@
 ---
 title: New SAML and OIDC Fields and SAML transforms for Access for SaaS
 description: Access for SaaS new SAML and OIDC Fields and SAML transforms
-date: 2025-03-03T6:00:00Z
+date: 2025-03-03
 ---
 
 [Access for SaaS applications](/cloudflare-one/applications/configure-apps/saas-apps/) now include more configuration options to support a wider array of SaaS applications.

@@ -1,7 +1,7 @@
 ---
 title: Cloudflare Zero Trust SCIM User and Group Provisioning Logs
 description: View all user and group updates, creation and deletion events made via SCIM across all of your IdP instances in one place
-date: 2025-04-09T6:00:00Z
+date: 2025-04-09
 ---
 
 [Cloudflare Zero Trust SCIM provisioning](/cloudflare-one/identity/users/scim) now has a full audit log of all create, update and delete event from any SCIM Enabled IdP. The [SCIM logs](/cloudflare-one/insights/logs/scim-logs/) support filtering by IdP, Event type, Result and many more fields. This will help with debugging user and group update issues and questions.

@@ -1,10 +1,9 @@
 ---
 title: Access bulk policy tester
 description: Test and simulate Access policies before deploying them to production. The Access bulk policy tester allows you to test your policies against your entire user population before and after deploying them.
-date: 2025-04-21T6:00:00Z
+date: 2025-04-21
 ---
 
 The [Access bulk policy tester](/cloudflare-one/policies/access/policy-management/#test-all-policies-in-an-application) is now available in the Cloudflare Zero Trust dashboard. The bulk policy tester allows you to simulate Access policies against your entire user base before and after deploying any changes. The policy tester will simulate the configured policy against each user's last seen identity and device posture (if applicable).
 
 ![Example policy tester](~/assets/images/changelog/access/example-policy-tester.png)
-
@@ -1,12 +1,13 @@
 ---
 title: Access RDP securely from your browser — now in open beta
 description: Connect to internal Windows servers via a web browser — no VPN or RDP client required.
-date: 2025-07-01T13:00:00Z
+date: 2025-07-01
 ---
 
 [Browser-based RDP](/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser/) with [Cloudflare Access](/cloudflare-one/policies/access/) is now available in open beta for all Cloudflare customers. It enables secure, remote Windows server access without VPNs or RDP clients.
 
 With browser-based RDP, you can:
+
 - **Control how users authenticate to internal RDP resources** with single sign-on (SSO), multi-factor authentication (MFA), and granular access policies.
 - **Record who is accessing which servers and when** to support regulatory compliance requirements and to gain greater visibility in the event of a security event.
 - **Eliminate the need to install and manage software on user devices**. You will only need a web browser.
@@ -15,4 +16,3 @@ With browser-based RDP, you can:
 ![Example of a browsed-based RDP Access application](~/assets/images/changelog/access/browser-based-rdp-access-app.png)
 
 To get started, see [Connect to RDP in a browser](/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser/).
-
@@ -5,7 +5,7 @@ products:
   - agents
   - workers
   - workflows
-date: 2025-02-14T19:00:00Z
+date: 2025-02-14
 ---
 
 We've added an [example prompt](/workers/get-started/prompting/) to help you get started with building AI agents and applications on Cloudflare [Workers](/workers/), including [Workflows](/workflows/), [Durable Objects](/durable-objects/), and [Workers KV](/kv/).

@@ -4,7 +4,7 @@ description: Build and ship AI Agents on Cloudflare using the Agents SDK
 products:
   - agents
   - workers
-date: 2025-02-25T14:00:00Z
+date: 2025-02-25
 ---
 
 We've released the [Agents SDK](http://blog.cloudflare.com/build-ai-agents-on-cloudflare/), a package and set of tools that help you build and ship AI Agents.
@@ -25,7 +25,7 @@ npm i agents
 ... and then define your first Agent:
 
 ```ts
-import { Agent } from 'agents';
+import { Agent } from "agents";
 
 export class YourAgent extends Agent<Env> {
 	// Build it out

@@ -4,7 +4,7 @@ description: Install the latest version of the `agents` SDK to build multi-agent
 products:
   - agents
   - workers
-date: 2025-03-18T14:00:00Z
+date: 2025-03-18
 ---
 
 import { Badge, MetaInfo, Render, TypeScriptExample } from "~/components"

@@ -4,7 +4,7 @@ description: The Agents SDK now includes built-in support for building remote MC
 products:
   - agents
   - workers
-date: 2025-04-07T13:00:00Z
+date: 2025-04-07
 ---
 
 import { Render, PackageManagers, TypeScriptExample } from "~/components";

@@ -5,7 +5,7 @@ products:
   - agents
   - workers
   - workflows
-date: 2025-06-25T15:00:00Z
+date: 2025-06-25
 ---
 
 AI is supercharging app development for everyone, but we need a safe way to run untrusted, LLM-written code. We’re introducing [Sandboxes](https://www.npmjs.com/package/@cloudflare/sandbox), which let your Worker run actual processes in a secure, container-based environment.
@@ -15,10 +15,10 @@ import { getSandbox } from "@cloudflare/sandbox";
 export { Sandbox } from "@cloudflare/sandbox";
 
 export default {
-  async fetch(request: Request, env: Env) {
-    const sandbox = getSandbox(env.Sandbox, "my-sandbox");
-    return sandbox.exec("ls", ["-la"]);
-  },
+	async fetch(request: Request, env: Env) {
+		const sandbox = getSandbox(env.Sandbox, "my-sandbox");
+		return sandbox.exec("ls", ["-la"]);
+	},
 };
 ```
 

@@ -1,7 +1,7 @@
 ---
 title: AI Audit
 description: AI Audit is available to all customers
-date: 2024-09-23T11:00:00Z
+date: 2024-09-23
 ---
 
 Every site on Cloudflare now has access to [**AI Audit**](/ai-audit/), which summarizes the crawling behavior of popular and known AI services.

@@ -1,19 +1,21 @@
 ---
 title: Introducing Pay Per Crawl (private beta)
 description: A new feature which allows site owners to charge crawlers for access to their content
-date: 2025-07-01T12:00:00Z
+date: 2025-07-01
 ---
 
 We are introducing a new feature of [AI Audit](/ai-audit/) — Pay Per Crawl. [Pay Per Crawl](/ai-audit/features/pay-per-crawl/what-is-pay-per-crawl/) enables site owners to require payment from AI crawlers every time the crawlers access their content, thereby fostering a fairer Internet by enabling site owners to control and monetize how their content gets used by AI.
 
 ![Pay per crawl](~/assets/images/changelog/ai-audit/pay-per-crawl.png)
 
 **For Site Owners:**
+
 - Set pricing and select which crawlers to charge for content access
 - Manage payments via Stripe
 - Monitor analytics on successful content deliveries
 
 **For AI Crawler Owners:**
+
 - Use HTTP headers to request and accept pricing
 - Receive clear confirmations on charges for accessed content
 

@@ -1,7 +1,7 @@
 ---
 title: AI Audit refresh
 description: More intuitive AI crawler management
-date: 2025-07-01T11:00:00Z
+date: 2025-07-01
 ---
 
 We redesigned the AI Audit dashboard to provide more intuitive and granular control over AI crawlers.

@@ -3,7 +3,7 @@ title: AI Gateway adds DeepSeek as a Provider
 description: AI Gateway has added DeepSeek as a new provider.
 products:
   - ai-gateway
-date: 2025-01-02T11:00:00Z
+date: 2025-01-02
 ---
 
 [**AI Gateway**](/ai-gateway/) now supports [**DeepSeek**](/ai-gateway/providers/deepseek/), including their cutting-edge DeepSeek-V3 model. With this addition, you have even more flexibility to manage and optimize your AI workloads using AI Gateway. Whether you're leveraging DeepSeek or other providers, like OpenAI, Anthropic, or [Workers AI](/workers-ai/), AI Gateway empowers you to:

@@ -3,7 +3,7 @@ title: AI Gateway Introduces New Worker Binding Methods
 description: New Worker binding methods, enhancing integration capabilities for developers.
 products:
   - ai-gateway
-date: 2025-01-30T14:00:00Z
+date: 2025-01-30
 ---
 
 We have released new [Workers bindings API methods](/ai-gateway/integrations/worker-binding-methods/), allowing you to connect Workers applications to AI Gateway directly. These methods simplify how Workers calls AI services behind your AI Gateway configurations, removing the need to use the REST API and manually authenticate.

@@ -3,12 +3,12 @@ title: AI Gateway adds Cerebras, ElevenLabs, and Cartesia as new providers
 description: AI Gateway has added Cerebras, ElevenLabs, and Cartesia as new providers.
 products:
   - ai-gateway
-date: 2025-02-05T12:00:00Z
+date: 2025-02-05
 ---
 
 [AI Gateway](/ai-gateway/) has added three new providers: [Cartesia](/ai-gateway/providers/cartesia/), [Cerebras](/ai-gateway/providers/cerebras/), and [ElevenLabs](/ai-gateway/providers/elevenlabs/), giving you more even more options for providers you can use through AI Gateway. Here's a brief overview of each:
 
-- [Cartesia](/ai-gateway/providers/cartesia/) provides text-to-speech models that produce natural-sounding speech with low latency. 
+- [Cartesia](/ai-gateway/providers/cartesia/) provides text-to-speech models that produce natural-sounding speech with low latency.
 - [Cerebras](/ai-gateway/providers/cerebras/) delivers low-latency AI inference to Meta's Llama 3.1 8B and Llama 3.3 70B models.
 - [ElevenLabs](/ai-gateway/providers/elevenlabs/) offers text-to-speech models with human-like voices in 32 languages.
 
@@ -30,4 +30,3 @@ curl -X POST https://gateway.ai.cloudflare.com/v1/ACCOUNT_TAG/GATEWAY/cerebras/c
     ]
 }'
 ```
-
@@ -3,7 +3,7 @@ title: Request timeouts and retries with AI Gateway
 description: AI Gateway has added additional request handling, with request timeouts and request retries
 products:
   - ai-gateway
-date: 2025-02-06T11:00:00Z
+date: 2025-02-06
 ---
 
 AI Gateway adds additional ways to handle requests - [Request Timeouts](/ai-gateway/configuration/request-handling/#request-timeouts) and [Request Retries](/ai-gateway/configuration/request-handling/#request-retries), making it easier to keep your applications responsive and reliable.

@@ -1,7 +1,7 @@
 ---
 title: Introducing Guardrails in AI Gateway
 description: Keep AI interactions secure and risk-free with Guardrails in AI Gateway
-date: 2025-02-26T6:00:00Z
+date: 2025-02-26
 preview_image: ~/assets/images/changelog/ai-gateway/guardrails-social-preview.png
 ---
 

@@ -1,7 +1,7 @@
 ---
 title: AI Gateway launches Realtime WebSockets API
 description: AI Gateway now supports end-to-end, client-to-provider WebSockets
-date: 2025-03-21T09:00:00Z
+date: 2025-03-21
 ---
 
 We are excited to announce that [AI Gateway](/ai-gateway/) now supports real-time AI interactions with the new [Realtime WebSockets API](/ai-gateway/websockets-api/realtime-api/).

@@ -3,28 +3,29 @@ title: AI Gateway adds OpenAI compatible endpoint
 description: AI Gateway has added OpenAI compatibility
 products:
   - ai-gateway
-date: 2025-06-03T12:00:00Z
+date: 2025-06-03
 ---
-Users can now use an [OpenAI Compatible endpoint](/ai-gateway/chat-completion/) in AI Gateway to easily switch between providers, while keeping the exact same request and response formats. We're launching now with the chat completions endpoint, with the embeddings endpoint coming up next.  
+
+Users can now use an [OpenAI Compatible endpoint](/ai-gateway/chat-completion/) in AI Gateway to easily switch between providers, while keeping the exact same request and response formats. We're launching now with the chat completions endpoint, with the embeddings endpoint coming up next.
 
 To get started, use the OpenAI compatible chat completions endpoint URL with your own account id and gateway id and switch between providers by changing the `model` and `apiKey` parameters.
 
 ```js title="OpenAI SDK Example"
 import OpenAI from "openai";
 const client = new OpenAI({
-  apiKey: "YOUR_PROVIDER_API_KEY", // Provider API key
-  baseURL:
-    "https://gateway.ai.cloudflare.com/v1/{account_id}/{gateway_id}/compat",
+	apiKey: "YOUR_PROVIDER_API_KEY", // Provider API key
+	baseURL:
+		"https://gateway.ai.cloudflare.com/v1/{account_id}/{gateway_id}/compat",
 });
 
 const response = await client.chat.completions.create({
-  model: "google-ai-studio/gemini-2.0-flash",
-  messages: [{ role: "user", content: "What is Cloudflare?" }],
+	model: "google-ai-studio/gemini-2.0-flash",
+	messages: [{ role: "user", content: "What is Cloudflare?" }],
 });
 
 console.log(response.choices[0].message.content);
 ```
 
-Additionally, the [OpenAI Compatible endpoint](/ai-gateway/chat-completion/) can be combined with our [Universal Endpoint](/ai-gateway/universal/) to add fallbacks across multiple providers. That means AI Gateway will return every response in the same standardized format, no extra parsing logic required!  
+Additionally, the [OpenAI Compatible endpoint](/ai-gateway/chat-completion/) can be combined with our [Universal Endpoint](/ai-gateway/universal/) to add fallbacks across multiple providers. That means AI Gateway will return every response in the same standardized format, no extra parsing logic required!
 
-Learn more in the [OpenAI Compatibility](/ai-gateway/chat-completion/) documentation. 
+Learn more in the [OpenAI Compatibility](/ai-gateway/chat-completion/) documentation.
@@ -1,7 +1,7 @@
 ---
 title: New GraphQL Analytics API Explorer and MCP Server
 description: Easily explore, build, and run GraphQL queries with two new tools
-date: 2025-05-23T11:00:00Z
+date: 2025-05-23
 ---
 
 We’ve launched two powerful new tools to make the GraphQL Analytics API more accessible:

@@ -1,7 +1,7 @@
 ---
 title: New API Posture Management for API Shield
 description: Monitor for API-specific threats and risks with Posture Management for API Shield
-date: 2025-03-18T11:00:00Z
+date: 2025-03-18
 ---
 
 Now, API Shield **automatically** labels your API inventory with API-specific risks so that you can track and manage risks to your APIs.
@@ -10,24 +10,24 @@ View these risks in [Endpoint Management](/api-shield/management-and-monitoring/
 
 ![A list of endpoint management labels](~/assets/images/changelog/api-shield/endpoint-management-label.png)
 
- ...or in [Security Center Insights](/security-center/security-insights/):
+...or in [Security Center Insights](/security-center/security-insights/):
 
 ![An example security center insight](~/assets/images/changelog/api-shield/posture-management-insight.png)
- 
+
 API Shield will scan for risks on your API inventory daily. Here are the new risks we're scanning for and automatically labelling:
 
 - **cf-risk-sensitive**: applied if the customer is subscribed to the [sensitive data detection ruleset](/waf/managed-rules/reference/sensitive-data-detection/) and the WAF detects sensitive data returned on an endpoint in the last seven days.
-- **cf-risk-missing-auth**: applied if the customer has configured a session ID and no successful requests to the endpoint contain the session ID. 
+- **cf-risk-missing-auth**: applied if the customer has configured a session ID and no successful requests to the endpoint contain the session ID.
 - **cf-risk-mixed-auth**: applied if the customer has configured a session ID and some successful requests to the endpoint contain the session ID while some lack the session ID.
 - **cf-risk-missing-schema**: added when a learned schema is available for an endpoint that has no active schema.
 - **cf-risk-error-anomaly**: added when an endpoint experiences a recent increase in response errors over the last 24 hours.
 - **cf-risk-latency-anomaly**: added when an endpoint experiences a recent increase in response latency over the last 24 hours.
 - **cf-risk-size-anomaly**: added when an endpoint experiences a spike in response body size over the last 24 hours.
 
 In addition, API Shield has two new 'beta' scans for **Broken Object Level Authorization (BOLA) attacks**. If you're in the beta, you will see the following two labels when API Shield suspects an endpoint is suffering from a BOLA vulnerability:
- 
- - **cf-risk-bola-enumeration**: added when an endpoint experiences successful responses with drastic differences in the number of unique elements requested by different user sessions.
- - **cf-risk-bola-pollution**: added when an endpoint experiences successful responses where parameters are found in multiple places in the request.
+
+- **cf-risk-bola-enumeration**: added when an endpoint experiences successful responses with drastic differences in the number of unique elements requested by different user sessions.
+- **cf-risk-bola-pollution**: added when an endpoint experiences successful responses where parameters are found in multiple places in the request.
 
 We are currently accepting more customers into our beta. Contact your account team if you are interested in BOLA attack detection for your API.
 

@@ -1,7 +1,7 @@
 ---
 title: Audit logs (version 2) - Beta Release
 description: New version of audit logs
-date: 2025-03-27T11:00:00Z
+date: 2025-03-27
 ---
 The latest version of audit logs streamlines audit logging by automatically capturing all user and system actions performed through the Cloudflare Dashboard or public APIs. This update leverages Cloudflare’s existing API Shield to generate audit logs based on OpenAPI schemas, ensuring a more consistent and automated logging process.
 
@@ -12,7 +12,7 @@ Use the following API endpoint to retrieve audit logs:
 GET https://api.cloudflare.com/client/v4/accounts/<account_id>/logs/audit?since=<date>&before=<date>
 
 ```
-You can access detailed documentation for audit logs (version 2) Beta API release [here](https://developers.cloudflare.com/api/resources/accounts/subresources/logs/subresources/audit/methods/list/). 
+You can access detailed documentation for audit logs (version 2) Beta API release [here](https://developers.cloudflare.com/api/resources/accounts/subresources/logs/subresources/audit/methods/list/).
 
 **Key Improvements in the Beta Release:**
 

@@ -4,7 +4,7 @@ description: AutoRAG lets you create fully-managed, retrieval-augmented generati
 products:
   - autorag
   - vectorize
-date: 2025-04-07T6:00:00Z
+date: 2025-04-07
 ---
 
 [AutoRAG](/autorag) is now in open beta, making it easy for you to build fully-managed retrieval-augmented generation (RAG) pipelines without managing infrastructure. Just upload your docs to [R2](/r2/get-started/), and AutoRAG handles the rest: embeddings, indexing, retrieval, and response generation via API.