AI Crawl Control now supports extending the underlying WAF rule with custom modifications. Any changes you make directly in the WAF custom rules editor — such as adding path-based exceptions, extra user agents, or additional expression clauses — are preserved when you update crawler actions in AI Crawl Control. If the WAF rule expression has been modified in a way AI Crawl Control cannot parse, a warning banner appears on the Crawlers page with a link to view the rule directly in WAF. For more information, refer to WAF rule management.
Workflow instance methods pause(), resume(), restart(), and terminate() are now available in local development when using wrangler dev. You can now test the full Workflow instance lifecycle locally: const instance = await env.MY_WORKFLOW.create({ id: "my-instance-id",}); await instance.pause(); // pauses a running workflow instanceawait instance.resume(); // resumes a paused instanceawait instance.restart(); // restarts the instance from the beginningawait instance.terminate(); // terminates the instance immediately
AI Search now supports custom metadata filtering, allowing you to define your own metadata fields and filter search results based on attributes like category, version, or any custom field you define. Define a custom metadata schema You can define up to 5 custom metadata fields per AI Search instance. Each field has a name and data type (text, number, or boolean): curl -X POST https://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/ai-search/instances \ -H "Content-Type: application/json" \ -H "Authorization: Bearer {API_TOKEN}" \ -d '{ "id": "my-instance", "type": "r2", "source": "my-bucket", "custom_metadata": [ { "field_name": "category", "data_type": "text" }, { "field_name": "version", "data_type": "number" }, { "field_name": "is_public", "data_type": "boolean" } ] }' Add metadata to your documents How you attach metadata depends on your data source:
R2 bucket: Set metadata using S3-compatible custom headers (x-amz-meta-*) when uploading objects. Refer to R2 custom metadata for examples. Website: Add tags to your HTML pages. Refer to Website custom metadata for details.
Filter search results Use custom metadata fields in your search queries alongside built-in attributes like folder and timestamp: curl https://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/ai-search/instances/{NAME}/search \ -H "Content-Type: application/json" \ -H "Authorization: Bearer {API_TOKEN}" \ -d '{ "messages": [ { "content": "How do I configure authentication?", "role": "user" } ], "ai_search_options": { "retrieval": { "filters": { "category": "documentation", "version": { "$gte": 2.0 } } } } }' Learn more in the metadata filtering documentation.
R2 SQL now supports an expanded SQL grammar so you can write richer analytical queries without exporting data. This release adds CASE expressions, column aliases, arithmetic in clauses, 163 scalar functions, 33 aggregate functions, EXPLAIN, Common Table Expressions (CTEs),and full struct/array/map access. R2 SQL is Cloudflare's serverless, distributed, analytics query engine for querying Apache Iceberg tables stored in R2 Data Catalog. This page documents the supported SQL syntax. Highlights
Column aliases — SELECT col AS alias now works in all clauses CASE expressions — conditional logic directly in SQL (searched and simple forms) Scalar functions — 163 new functions across math, string, datetime, regex, crypto, encoding, and type inspection categories Aggregate functions — statistical (variance, stddev, correlation, regression), bitwise, boolean, and positional aggregates join the existing basic and approximate functions Complex types — query struct fields with bracket notation, use 46 array functions, and extract map keys/values Common table expressions (CTEs) — use WITH ... AS to define named temporary result sets. Chained CTEs are supported. All CTEs must reference the same single table. Full expression support — arithmetic, type casting (CAST, TRY_CAST, :: shorthand), and EXTRACT in SELECT, WHERE, GROUP BY, HAVING, and ORDER BY
Examples CASE expressions with statistical aggregates SELECT source, CASE WHEN AVG(price) > 30 THEN 'premium' WHEN AVG(price) > 10 THEN 'mid-tier' ELSE 'budget' END AS tier, round(stddev(price), 2) AS price_volatility, approx_percentile_cont(price, 0.95) AS p95_priceFROM my_namespace.sales_dataGROUP BY source Struct and array access SELECT product_name, pricing['price'] AS price, array_to_string(tags, ', ') AS tag_listFROM my_namespace.productsWHERE array_has(tags, 'Action')ORDER BY pricing['price'] DESCLIMIT 10 Chained CTEs with time-series analysis WITH monthly AS ( SELECT date_trunc('month', sale_timestamp) AS month, department, COUNT(*) AS transactions, round(AVG(total_amount), 2) AS avg_amount FROM my_namespace.sales_data WHERE sale_timestamp BETWEEN '2025-01-01T00:00:00Z' AND '2025-12-31T23:59:59Z' GROUP BY date_trunc('month', sale_timestamp), department),ranked AS ( SELECT month, department, transactions, avg_amount, CASE WHEN avg_amount > 1000 THEN 'high-value' WHEN avg_amount > 500 THEN 'mid-value' ELSE 'standard' END AS tier FROM monthly WHERE transactions > 100)SELECT * FROM rankedORDER BY month, avg_amount DESC For the full function reference and syntax details, refer to the SQL reference. For limitations and best practices, refer to Limitations and best practices.
This week's release focuses on new improvements to enhance coverage. Key Findings
Existing rule enhancements have been deployed to improve detection resilience against broad classes of web attacks and strengthen behavioral coverage.
RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionCommentsCloudflare Managed Ruleset54ad0465c30d4cd2ac7a707197321c6c N/ACommand Injection - Generic 9 - URI VectorLogDisabledThis is a new detection.Cloudflare Managed Rulesetb31c34a7b29b4aaf9be6883d1eb7a999 N/A Command Injection - Generic 9 - Header Vector Log Disabled This is a new detection.Cloudflare Managed Ruleset155bb67d1061479e995a38510677175f N/A Command Injection - Generic 9 - Body Vector Log Disabled This is a new detection.Cloudflare Managed Ruleset55fb1c76f0304f6a9d935d03479da68f N/APHP, vBulletin, jQuery File Upload - Code Injection, Dangerous File Upload - CVE:CVE-2018-9206, CVE:CVE-2019-17132 (beta)LogBlockThis rule has been merged into the original rule "PHP, vBulletin, jQuery File Upload - Code Injection, Dangerous File Upload - CVE:CVE-2018-9206, CVE:CVE-2019-17132" (ID: 0f2da91cec674eb58006929e824b817c )
Two new fields are now available in the httpRequestsAdaptive and httpRequestsAdaptiveGroups GraphQL Analytics API datasets:
webAssetsOperationId — the ID of the saved endpoint that matched the incoming request. webAssetsLabelsManaged — the managed labels mapped to the matched operation at the time of the request (for example, cf-llm, cf-log-in). At most 10 labels are returned per request.
Both fields are empty when no operation matched. webAssetsLabelsManaged is also empty when no managed labels are assigned to the matched operation. These fields allow you to determine, per request, which Web Assets operation was matched and which managed labels were active. This is useful for troubleshooting downstream security detection verdicts — for example, understanding why AI Security for Apps did or did not flag a request. Refer to Endpoint labeling service for GraphQL query examples.
The latest release of the Agents SDK exposes agent state as a readable property, prevents duplicate schedule rows across Durable Object restarts, brings full TypeScript inference to AgentClient, and migrates to Zod 4.
Readable state on useAgent and AgentClient
Both useAgent (React) and AgentClient (vanilla JS) now expose a state property that reflects the current agent state. Previously, reading state required manually tracking it through the onStateUpdate callback.
React (useAgent)
JavaScript const agent = useAgent({ agent: "game-agent", name: "room-123",});
// Read state directly — no separate useState + onStateUpdate neededreturn div>Score: {agent.state?.score}div>;
// Spread for partial updatesagent.setState({ ...agent.state, score: (agent.state?.score ?? 0) + 10 }); TypeScript const agent = useAgentGameAgent, GameState>({ agent: "game-agent", name: "room-123",});
// Read state directly — no separate useState + onStateUpdate neededreturn div>Score: {agent.state?.score}div>;
// Spread for partial updatesagent.setState({ ...agent.state, score: (agent.state?.score ?? 0) + 10 });
agent.state is reactive — the component re-renders when state changes from either the server or a client-side setState() call.
Vanilla JS (AgentClient)
JavaScript const client = new AgentClient({ agent: "game-agent", name: "room-123", host: "your-worker.workers.dev",});
client.setState({ score: 100 });console.log(client.state); // { score: 100 } TypeScript const client = new AgentClientGameAgent>({ agent: "game-agent", name: "room-123", host: "your-worker.workers.dev",});
client.setState({ score: 100 });console.log(client.state); // { score: 100 }
State starts as undefined and is populated when the server sends the initial state on connect (from initialState) or when setState() is called. Use optional chaining (agent.state?.field) for safe access. The onStateUpdate callback continues to work as before — the new state property is additive.
Idempotent schedule()
schedule() now supports an idempotent option that deduplicates by (type, callback, payload), preventing duplicate rows from accumulating when called in places that run on every Durable Object restart such as onStart().
Cron schedules are idempotent by default. Calling schedule("0 * * * *", "tick") multiple times with the same callback, expression, and payload returns the existing schedule row instead of creating a new one. Pass { idempotent: false } to override.
Delayed and date-scheduled types support opt-in idempotency:
JavaScript import { Agent } from "agents";
class MyAgent extends Agent { async onStart() { // Safe across restarts — only one row is created await this.schedule(60, "maintenance", undefined, { idempotent: true }); }} TypeScript import { Agent } from "agents";
class MyAgent extends Agent { async onStart() { // Safe across restarts — only one row is created await this.schedule(60, "maintenance", undefined, { idempotent: true }); }}
Two new warnings help catch common foot-guns:
Calling schedule() inside onStart() without { idempotent: true } emits a console.warn with actionable guidance (once per callback; skipped for cron and when idempotent is set explicitly). If an alarm cycle processes 10 or more stale one-shot rows for the same callback, the SDK emits a console.warn and a schedule:duplicate_warning diagnostics channel event.
Typed AgentClient with call inference and stub proxy
AgentClient now accepts an optional agent type parameter for full type inference on RPC calls, matching the typed experience already available with useAgent.
JavaScript const client = new AgentClient({ agent: "my-agent", host: window.location.host,});
// Typed call — method name autocompletes, args and return type inferredconst value = await client.call("getValue");
// Typed stub — direct RPC-style proxyawait client.stub.getValue();await client.stub.add(1, 2); TypeScript const client = new AgentClientMyAgent>({ agent: "my-agent", host: window.location.host,});
// Typed call — method name autocompletes, args and return type inferredconst value = await client.call("getValue");
// Typed stub — direct RPC-style proxyawait client.stub.getValue();await client.stub.add(1, 2);
State is automatically inferred from the agent type, so onStateUpdate is also typed:
JavaScript const client = new AgentClient({ agent: "my-agent", host: window.location.host, onStateUpdate: (state) => { // state is typed as MyAgent's state type },}); TypeScript const client = new AgentClientMyAgent>({ agent: "my-agent", host: window.location.host, onStateUpdate: (state) => { // state is typed as MyAgent's state type },});
Existing untyped usage continues to work without changes. The RPC type utilities (AgentMethods, AgentStub, RPCMethods) are now exported from agents/client for advanced typing scenarios.
agents, @cloudflare/ai-chat, and @cloudflare/codemode now require zod ^4.0.0. Zod v3 is no longer supported.
@cloudflare/ai-chat fixes
Turn serialization — onChatMessage() and _reply() work is now queued so user requests, tool continuations, and saveMessages() never stream concurrently. Duplicate messages on stop — Clicking stop during an active stream no longer splits the assistant message into two entries. Duplicate messages after tool calls — Orphaned client IDs no longer leak into persistent storage.
keepAlive() and keepAliveWhile() are no longer experimental
keepAlive() now uses a lightweight in-memory ref count instead of schedule rows. Multiple concurrent callers share a single alarm cycle. The @experimental tag has been removed from both keepAlive() and keepAliveWhile().
@cloudflare/codemode: TanStack AI integration
A new entry point @cloudflare/codemode/tanstack-ai adds support for TanStack AI's chat() as an alternative to the Vercel AI SDK's streamText():
JavaScript import { createCodeTool, tanstackTools,} from "@cloudflare/codemode/tanstack-ai";import { chat } from "@tanstack/ai";
const codeTool = createCodeTool({ tools: [tanstackTools(myServerTools)], executor,});
const stream = chat({ adapter, tools: [codeTool], messages }); TypeScript import { createCodeTool, tanstackTools } from "@cloudflare/codemode/tanstack-ai";import { chat } from "@tanstack/ai";
const codeTool = createCodeTool({ tools: [tanstackTools(myServerTools)], executor,});
const stream = chat({ adapter, tools: [codeTool], messages });
Upgrade
To update to the latest version:
npm i agents@latest @cloudflare/ai-chat@latest
AI Search now offers new REST API endpoints for search and chat that use an OpenAI compatible format. This means you can use the familiar messages array structure that works with existing OpenAI SDKs and tools. The messages array also lets you pass previous messages within a session, so the model can maintain context across multiple turns.
EndpointPathChat CompletionsPOST /accounts/{account_id}/ai-search/instances/{name}/chat/completionsSearchPOST /accounts/{account_id}/ai-search/instances/{name}/search Here is an example request to the Chat Completions endpoint using the new messages array format: curl https://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/ai-search/instances/{NAME}/chat/completions \ -H "Content-Type: application/json" \ -H "Authorization: Bearer {API_TOKEN}" \ -d '{ "messages": [ { "role": "system", "content": "You are a helpful documentation assistant." }, { "role": "user", "content": "How do I get started?" } ] }' For more details, refer to the AI Search REST API guide. Migration from existing AutoRAG API (recommended) If you are using the previous AutoRAG API endpoints (/autorag/rags/), we recommend migrating to the new endpoints. The previous AutoRAG API endpoints will continue to be fully supported. Refer to the migration guide for step-by-step instructions.
AI Search now supports public endpoints, UI snippets, and MCP, making it easy to add search to your website or connect AI agents. Public endpoints allow you to expose AI Search capabilities without requiring API authentication. To enable public endpoints:
Go to AI Search in the Cloudflare dashboard. Go to AI Search
Select your instance, and turn on Public Endpoint in Settings. For more details, refer to Public endpoint configuration.
UI snippets UI snippets are pre-built search and chat components you can embed in your website. Visit search.ai.cloudflare.com to configure and preview components for your AI Search instance. To add a search modal to your page: script type="module" src="https://.search.ai.cloudflare.com/assets/v0.0.25/search-snippet.es.js">script> search-modal-snippet api-url="https://INSTANCE_ID>.search.ai.cloudflare.com/" placeholder="Search...">search-modal-snippet> For more details, refer to the UI snippets documentation. MCP The MCP endpoint allows AI agents to search your content via the Model Context Protocol. Connect your MCP client to: https://.search.ai.cloudflare.com/mcp For more details, refer to the MCP documentation.
Cloudflare Access supports managed OAuth, which allows non-browser clients — such as CLIs, AI agents, SDKs, and scripts — to authenticate with Access-protected applications using a standard OAuth 2.0 authorization code flow.
Previously, non-browser clients that attempted to access a protected application received a 302 redirect to a login page they could not complete. The established workaround was cloudflared access curl, which required installing additional tooling.
With managed OAuth, clients instead receive a 401 response with a WWW-Authenticate header that points to Access's OAuth discovery endpoints (RFC 8414 and RFC 9728). The client opens the end user's browser to the Access login page. The end user authenticates with their identity provider, and the client receives an OAuth access token for subsequent requests.
Access enforces the same policies as a browser login; the OAuth layer is a new transport mechanism, not a separate authentication path.
Managed OAuth can be enabled on any self-hosted Access application or MCP server portal. It is opt-in for existing applications to avoid interfering with those that run their own OAuth servers and rely on their own WWW-Authenticate headers.
Note
For MCP server portals, managed OAuth is enabled by default on new portals. It remains opt-in for self-hosted applications.
To enable managed OAuth, go to Zero Trust > Access controls > Applications, edit the application, and turn on Managed OAuth under Advanced settings.
You can also enable it via the API by setting oauth_configuration.enabled to true on the Access applications endpoint.
For setup instructions, refer to Enable managed OAuth.
DNS Analytics is now available for customers with Customer Metadata Boundary (CMB) set to EU. Query your DNS analytics data while keeping metadata stored in the EU region. This update includes:
DNS Analytics — Access the same DNS analytics experience for zones in CMB=EU accounts. EU data residency — Analytics data is stored and queried from the EU region, meeting data localization requirements. DNS Firewall Analytics — DNS Firewall analytics is now supported for CMB=EU customers.
Availability Available to customers with the Data Localization Suite who have Customer Metadata Boundary configured for the EU region. Where to find it
Authoritative DNS: In the Cloudflare dashboard, select your zone and go to the Analytics page. Go to Analytics
DNS Firewall: In the Cloudflare dashboard, go to the DNS Firewall Analytics page. Go to Analytics
For more information, refer to DNS Analytics and DNS Firewall Analytics.
Each VPC Service now has a Metrics tab so you can monitor connection health and debug failures without leaving the dashboard.
Connections — See successful and failed connections over time, broken down by what is responsible: your origin (Bad Upstream), your configuration (Client), or Cloudflare (Internal). Latency — Track connection and DNS resolution latency trends. Errors — Drill into specific error codes grouped by category, with filters to isolate upstream, client, or internal failures.
You can also view and edit your VPC Service configuration, host details, and port assignments from the Settings tab. For a full list of error codes and what they mean, refer to Troubleshooting.
In the Cloudflare One dashboard, the overview page for a specific Cloudflare Tunnel now shows all replicas of that tunnel and supports streaming logs from multiple replicas at once. Previously, you could only stream logs from one replica at a time. With this update:
Replicas on the tunnel overview — All active replicas for the selected tunnel now appear on that tunnel's overview page under Connectors. Select any replica to stream its logs. Multi-connector log streaming — Stream logs from multiple replicas simultaneously, making it easier to correlate events across your infrastructure during debugging or incident response. To try it out, log in to Cloudflare One and go to Networks > Connectors > Cloudflare Tunnels. Select View logs next to the tunnel you want to monitor.
For more information, refer to Tunnel log streams and Deploy replicas.
MCP server portals can now route traffic through Cloudflare Gateway for richer HTTP request logging and data loss prevention (DLP) scanning. When Gateway routing is turned on, portal traffic appears in your Gateway HTTP logs. You can create Gateway HTTP policies with DLP profiles to detect and block sensitive data sent to upstream MCP servers. NoteDLP AI prompt profiles do not apply to MCP server portal traffic. To enable Gateway routing, go to Access controls > AI controls, edit the portal, and turn on Route traffic through Cloudflare Gateway under Basic information. For more details, refer to Route traffic through Gateway.
Workers AI is officially in the big models game. @cf/moonshotai/kimi-k2.5 is the first frontier-scale open-source model on our AI inference platform — a large model with a full 256k context window, multi-turn tool calling, vision inputs, and structured outputs. By bringing a frontier-scale model directly onto the Cloudflare Developer Platform, you can now run the entire agent lifecycle on a single, unified platform. The model has proven to be a fast, efficient alternative to larger proprietary models without sacrificing quality. As AI adoption increases, the volume of inference is skyrocketing — now you can access frontier intelligence at a fraction of the cost. Key capabilities
256,000 token context window for retaining full conversation history, tool definitions, and entire codebases across long-running agent sessions Multi-turn tool calling for building agents that invoke tools across multiple conversation turns Vision inputs for processing images alongside text Structured outputs with JSON mode and JSON Schema support for reliable downstream parsing Function calling for integrating external tools and APIs into agent workflows
Prefix caching and session affinity When an agent sends a new prompt, it resends all previous prompts, tools, and context from the session. The delta between consecutive requests is usually just a few new lines of input. Prefix caching avoids reprocessing the shared context, saving time and compute from the prefill stage. This means faster Time to First Token (TTFT) and higher Tokens Per Second (TPS) throughput. Workers AI has done prefix caching, but we are now surfacing cached tokens as a usage metric and offering a discount on cached tokens compared to input tokens (pricing is listed on the model page). curl -X POST \ "https://api.cloudflare.com/client/v4/accounts/{account_id}/ai/run/@cf/moonshotai/kimi-k2.5" \ -H "Authorization: Bearer {api_token}" \ -H "Content-Type: application/json" \ -H "x-session-affinity: ses_12345678" \ -d '{ "messages": [ { "role": "system", "content": "You are a helpful assistant." }, { "role": "user", "content": "What is prefix caching and why does it matter?" } ], "max_tokens": 2400, "stream": true }' Some clients like OpenCode implement session affinity automatically. The Agents SDK starter also sets up the wiring for you. Redesigned asynchronous API For volumes of requests that exceed synchronous rate limits, you can submit batches of inferences to be completed asynchronously. We have revamped the Asynchronous Batch API with a pull-based system that processes queued requests as soon as capacity is available. With internal testing, async requests usually execute within 5 minutes, but this depends on live traffic. The async API is the best way to avoid capacity errors in durable workflows. It is ideal for use cases that are not real-time, such as code scanning agents or research agents. To use the asynchronous API, pass queueRequest: true: // 1. Push a batch of requests into the queueconst res = await env.AI.run( "@cf/moonshotai/kimi-k2.5", { requests: [ { messages: [{ role: "user", content: "Tell me a joke" }], }, { messages: [{ role: "user", content: "Explain the Pythagoras theorem" }], }, ], }, { queueRequest: true },); // 2. Grab the request IDconst requestId = res.request_id; // 3. Poll for the resultconst result = await env.AI.run("@cf/moonshotai/kimi-k2.5", { request_id: requestId,}); if (result.status === "queued" || result.status === "running") { // Retry by polling again} else { return Response.json(result);} You can also set up event notifications to know when inference is complete instead of polling. Get started Use Kimi K2.5 through the Workers AI binding (env.AI.run()), the REST API at /run or /v1/chat/completions, AI Gateway, or via the OpenAI-compatible endpoint. For more information, refer to the Kimi K2.5 model page, pricing, and prompt caching.
You can now manage Cloudflare Tunnels directly from Wrangler, the CLI for the Cloudflare Developer Platform. The new wrangler tunnel commands let you create, run, and manage tunnels without leaving your terminal. Available commands:
wrangler tunnel create — Create a new remotely managed tunnel. wrangler tunnel list — List all tunnels in your account. wrangler tunnel info — Display details about a specific tunnel. wrangler tunnel delete — Delete a tunnel. wrangler tunnel run — Run a tunnel using the cloudflared daemon. wrangler tunnel quick-start — Start a free, temporary tunnel without an account using Quick Tunnels.
Wrangler handles downloading and managing the cloudflared binary automatically. On first use, you will be prompted to download cloudflared to a local cache directory. These commands are currently experimental and may change without notice. To get started, refer to the Wrangler tunnel commands documentation.
Hyperdrive now supports custom TLS/SSL certificates for MySQL databases, bringing the same certificate options previously available for PostgreSQL to MySQL connections. You can now configure:
Server certificate verification with VERIFY_CA or VERIFY_IDENTITY SSL modes to verify that your MySQL database server's certificate is signed by the expected certificate authority (CA). Client certificates (mTLS) for Hyperdrive to authenticate itself to your MySQL database with credentials beyond username and password.
Create a Hyperdrive configuration with custom certificates for MySQL:
For more information, refer to SSL/TLS certificates for Hyperdrive and MySQL TLS/SSL modes.
Service Key authentication for the Cloudflare API is deprecated. Service Keys will stop working on September 30, 2026. API Tokens replace Service Keys with fine-grained permissions, expiration, and revocation. What you need to do Replace any use of the X-Auth-User-Service-Key header with an API Token scoped to the permissions your integration requires. If you use cloudflared, update to a version from November 2022 or later. These versions already use API Tokens. If you use origin-ca-issuer, update to a version that supports API Token authentication. For more information, refer to API deprecations.
We are introducing Logo Match Preview, bringing the same pre-save visibility to visual assets that was previously only available for string-based queries. This update allows you to fine-tune your brand detection strategy before committing to a live monitor. What’s new:
Upload your brand logo and immediately see a sample of potential matches from recently detected sites before finalizing the query Adjust your similarity score (from 75% to 100%) and watch the results refresh in real-time to find the balance between broad detection and noise reduction Review the specific logos triggered by your current settings to ensure your query is capturing the right level of brand infringement
If you are ready to test your brand assets, go to the Brand Protection dashboard to try the new preview tool.
You can now use a Workers binding to transform videos with Media Transformations. This allows you to resize, crop, extract frames, and extract audio from videos stored anywhere, even in private locations like R2 buckets. The Media Transformations binding is useful when you want to:
Transform videos stored in private or protected sources Optimize videos and store the output directly back to R2 for re-use Extract still frames for classification or description with Workers AI Extract audio tracks for transcription using Workers AI
To get started, add the Media binding to your Wrangler configuration:
wrangler.jsonc { "$schema": "./node_modules/wrangler/config-schema.json", "media": { "binding": "MEDIA" }} wrangler.toml [media]binding = "MEDIA"
Then use the binding in your Worker to transform videos:
JavaScript export default { async fetch(request, env) { const video = await env.R2_BUCKET.get("input.mp4");
const result = env.MEDIA.input(video.body) .transform({ width: 480, height: 270 }) .output({ mode: "video", duration: "5s" });
return await result.response(); },}; TypeScript export default { async fetch(request, env) { const video = await env.R2_BUCKET.get("input.mp4");
const result = env.MEDIA.input(video.body) .transform({ width: 480, height: 270 }) .output({ mode: "video", duration: "5s" });
return await result.response(); },};
Output modes include video for optimized MP4 clips, frame for still images, spritesheet for multiple frames, and audio for M4A extraction.
For more information, refer to the Media Transformations binding documentation.