Using Cloudflare without Global API Key
-
Do you get any more specific error codes/messages while trying to add a domain with such a key?
-
@iamthefij Do those API keys start with
v1.0-? If so, per the docs, we have to set a special header variable unlike the global API key (https://api.cloudflare.com/#getting-started-requests) -
Do you have a documentation/blog post about the Cloudflare API setup for Cloudron?
This is my settings for now, but I'm not sure if I miss something. My instance working alright with the following settings, but if you know the better/secure/correct settings, could you let me know?
-
Configuration looks correct. Ideally, Cloudron does not require access to all zones but without it we have to make the user enter the zone id which is kinda hard to find in the cloudflare UI.
-
Do you have a documentation/blog post about the Cloudflare API setup for Cloudron?
This is my settings for now, but I'm not sure if I miss something. My instance working alright with the following settings, but if you know the better/secure/correct settings, could you let me know?
@hiyukoim said in Using Cloudflare without Global API Key:
This is my settings for now, but I'm not sure if I miss something. My instance working alright with the following settings, but if you know the better/secure/correct settings, could you let me know?
Thank for this screenshot
it's work like a charm
-
I wish we can remove the "All zones" setting but afaict there is no way to get the zone id (which is required by the API) without listing the zones. I guess one alternative is to let users the zone id in the DNS setup form but this appears complicated.
-
I wish we can remove the "All zones" setting but afaict there is no way to get the zone id (which is required by the API) without listing the zones. I guess one alternative is to let users the zone id in the DNS setup form but this appears complicated.
@girish said in Using Cloudflare without Global API Key:
I wish we can remove the "All zones" setting but afaict there is no way to get the zone id (which is required by the API) without listing the zones. I guess one alternative is to let users the zone id in the DNS setup form but this appears complicated.
I don't know if something change from Cloudflare and/or Cloudron side around this but I was able to limit the API to a specific zone without issue
and then to 3 specific zone and one specific IP
It's still working with these only this Permission
- Zone.DNS Edit
-
@girish said in Using Cloudflare without Global API Key:
Can confirm that all zones access is not required in cloudflare anymore. Will update docs.
I had to reinstall my Cloudflare than with these setting at Cloudflare
the detail of this Token
I had zero issue to install and configure my 5 domains
the only right my Cloudron API have is to
Edit specific Zone from a specific IP -
@girish said in Using Cloudflare without Global API Key:
Can confirm that all zones access is not required in cloudflare anymore. Will update docs.
I just added a domain than, just to be more concise
we have to specify the Zone Name
unless it will not work with only
Zone -> DNS -> Editpermissions at Cloudflare
