The administrators managing policies and groups in Cloudflare Access might be different from the users responsible for configuring firewall rules or other Cloudflare for Infrastructure settings. Cloudflare Access supports scoped API tokens so that team members and automated systems can manage settings specific to Access without having permission to modify other configurations in Cloudflare.
In the Cloudflare for Infrastructure dashboard, click the user icon in the top right and navigate to "My Profile".
API Tokens tab. The existing tokens will display.
Get started next to
Create Custom Token.
Access: Organizations, Identity Providers, and Groups in the drop-downs under
Permissions. You can configure the token to be Read or Write in the third drop-down.
In the final section, the token can be applied to a single account or multiple if you are an administrator of multiple Cloudflare accounts.
Continue to summary. The next page will display the token details and instructions on how to use it.
You can review tokens created in the
API Tokens tab. In this view, you can roll, revoke, or edit issued tokens.