Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update create-token.mdx #17040

Merged
merged 2 commits into from
Sep 24, 2024
Merged

Update create-token.mdx #17040

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9dca2c2
Update create-token.mdx
jsoCloudflare Sep 23, 2024
5705e24
Apply suggestions from code review
patriciasantaana Sep 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 13 additions & 11 deletions src/content/partials/fundamentals/create-token.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,31 +13,33 @@ Before you begin, [find your zone and account IDs](/fundamentals/setup/find-acco

:::

1. From the [Cloudflare dashboard](https://dash.cloudflare.com/profile/api-tokens/), go to **My Profile** > **API Tokens**.
1. Determine if you want a user token or an account owned token. If you are developing a new service that you want multiple superadministrators to use, and the endpoints you are calling are compatible with Account Owned Tokens, the option exists to use account tokens that are not connected to a specific user
patriciasantaana marked this conversation as resolved.
Show resolved Hide resolved

2. Select **Create Token**.
2. From the [Cloudflare dashboard](https://dash.cloudflare.com/profile/api-tokens/), go to **My Profile** > **API Tokens** for user tokens. For Account Tokens, go to **Manage Account** > **API Tokens**.

3. Select a template from the available [API token templates](/fundamentals/api/reference/template/) or create a custom token. We use the **Edit zone DNS** template in the following examples.
3. Select **Create Token**.

4. Add or edit the token name to describe why or how the token is used. Templates are prefilled with a token name and permissions.
4. Select a template from the available [API token templates](/fundamentals/api/reference/template/) or create a custom token. We use the **Edit zone DNS** template in the following examples.
patriciasantaana marked this conversation as resolved.
Show resolved Hide resolved

5. Add or edit the token name to describe why or how the token is used. Templates are prefilled with a token name and permissions.

![Token template overview screen](~/assets/images/fundamentals/api/template-customize.png)

5. Modify the token's permissions. After selecting a permissions group (*Account*, *User*, or *Zone*), choose what level of access to grant the token. Most groups offer `Edit` or `Read` options. `Edit` is full CRUDL (create, read, update, delete, list) access, while `Read` is the read permission and list where appropriate. Refer to the [available token permissions](/fundamentals/api/reference/permissions/) for more information.
6. Modify the token's permissions. After selecting a permissions group (*Account*, *User*, or *Zone*), choose what level of access to grant the token. Most groups offer `Edit` or `Read` options. `Edit` is full CRUDL (create, read, update, delete, list) access, while `Read` is the read permission and list where appropriate. Refer to the [available token permissions](/fundamentals/api/reference/permissions/) for more information.

6. Select which resources the token is authorized to access. For example, granting `Zone DNS Read` access to a zone `example.com` will allow the token to read DNS records only for that specific zone. Any other zone will return an error for DNS record reads operations. Any other operation on that zone will also return an error.
7. Select which resources the token is authorized to access. For example, granting `Zone DNS Read` access to a zone `example.com` will allow the token to read DNS records only for that specific zone. Any other zone will return an error for DNS record reads operations. Any other operation on that zone will also return an error.

7. (Optional) Restrict how a token is used in the **Client IP Address Filtering** and **TTL (time to live)** fields.
8. (Optional) Restrict how a token is used in the **Client IP Address Filtering** and **TTL (time to live)** fields.

8. Select **Continue to summary**.
9. Select **Continue to summary**.

9. Review the token summary. Select **Edit token** to make adjustments. You can also edit a token after creation.
10. Review the token summary. Select **Edit token** to make adjustments. You can also edit a token after creation.

![Token summary screen displaying the resources and permissions selected](~/assets/images/fundamentals/api/token-summary.png)

10. Select **Create Token** to generate the token's secret.
11. Select **Create Token** to generate the token's secret.

11. Copy the secret to a secure place.
12. Copy the secret to a secure place.

<Render file="new-token-warning" product="fundamentals" />

Expand Down
Loading