New GraphQL Analytics Fields

Cloudflare has released two new fields in the httpRequestsAdaptive and httpRequestsAdaptiveGroups GraphQL Analytics API datasets to enhance API Shield monitoring:

• webAssetsOperationId — Returns the ID of the saved endpoint that matched an incoming request
• webAssetsLabelsManaged — Returns the managed labels (such as cf-llm, cf-log-in) mapped to the matched operation, with a maximum of 10 labels per request

Both fields return empty values when no operation matched, and webAssetsLabelsManaged is empty when the matched operation has no assigned managed labels.

Use Cases and Benefits

These fields enable developers to:

• Troubleshoot security detections — Understand which Web Assets operations triggered or bypassed security verdicts
• Track endpoint labeling — Monitor which managed labels were active for each request
• Audit API behavior — Correlate requests with specific API endpoints and their security classifications

This is particularly useful for debugging AI Security for Apps detections and other downstream security tools.

Getting Started

Query examples and detailed documentation are available in the Endpoint labeling service analytics guide. No migration or configuration changes are required—the fields are immediately available in GraphQL queries.