Using Cloudflare without Global API Key
-
Do you have a documentation/blog post about the Cloudflare API setup for Cloudron?
This is my settings for now, but I'm not sure if I miss something. My instance working alright with the following settings, but if you know the better/secure/correct settings, could you let me know?
-
@hiyukoim said in Using Cloudflare without Global API Key:
This is my settings for now, but I'm not sure if I miss something. My instance working alright with the following settings, but if you know the better/secure/correct settings, could you let me know?
Thank for this screenshot
it's work like a charm -
I wish we can remove the "All zones" setting but afaict there is no way to get the zone id (which is required by the API) without listing the zones. I guess one alternative is to let users the zone id in the DNS setup form but this appears complicated.
-
@girish said in Using Cloudflare without Global API Key:
I wish we can remove the "All zones" setting but afaict there is no way to get the zone id (which is required by the API) without listing the zones. I guess one alternative is to let users the zone id in the DNS setup form but this appears complicated.
I don't know if something change from Cloudflare and/or Cloudron side around this but I was able to limit the API to a specific zone without issue
and then to 3 specific zone and one specific IP
It's still working with these only this Permission
- Zone.DNS Edit
-
@girish said in Using Cloudflare without Global API Key:
Can confirm that all zones access is not required in cloudflare anymore. Will update docs.
I had to reinstall my Cloudflare than with these setting at Cloudflare
the detail of this Token
I had zero issue to install and configure my 5 domains
the only right my Cloudron API have is to
Edit specific Zone from a specific IP -
@girish said in Using Cloudflare without Global API Key:
Can confirm that all zones access is not required in cloudflare anymore. Will update docs.
I just added a domain than, just to be more concise
we have to specify the Zone Nameunless it will not work with only
Zone -> DNS -> Edit
permissions at Cloudflare