API Reference

R2

Temporary Credentials

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Create Temporary Access Credentials

r2.temporary_credentials.create(TemporaryCredentialCreateParams**kwargs) -> TemporaryCredentialCreateResponse

POST/accounts/{account_id}/r2/temp-access-credentials

Creates temporary access credentials on a bucket that can be optionally scoped to prefixes or objects.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

ParametersExpand Collapse

account_id: str

Account ID.

maxLength32

bucket: str

Name of the R2 bucket.

parent_access_key_id: str

The parent access key id to use for signing.

permission: Literal["admin-read-write", "admin-read-only", "object-read-write", "object-read-only"]

Permissions allowed on the credentials.

One of the following:

"admin-read-write"

"admin-read-only"

"object-read-write"

"object-read-only"

ttl_seconds: float

How long the credentials will live for in seconds.

maximum604800

objects: Optional[SequenceNotStr[str]]

Optional object paths to scope the credentials to.

prefixes: Optional[SequenceNotStr[str]]

Optional prefix paths to scope the credentials to.

ReturnsExpand Collapse

class TemporaryCredentialCreateResponse: …

access_key_id: Optional[str]

ID for new access key.

secret_access_key: Optional[str]

Secret access key.

session_token: Optional[str]

Security token.

Create Temporary Access Credentials

Python

HTTP

TypeScript

Python

Go

Terraform

import os
from cloudflare import Cloudflare

client = Cloudflare(
    api_token=os.environ.get("CLOUDFLARE_API_TOKEN"),  # This is the default and can be omitted
)
temporary_credential = client.r2.temporary_credentials.create(
    account_id="023e105f4ecef8ad9ca31a8372d0c353",
    bucket="example-bucket",
    parent_access_key_id="example-access-key-id",
    permission="object-read-write",
    ttl_seconds=3600,
)
print(temporary_credential.access_key_id)

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    "string"
  ],
  "result": {
    "accessKeyId": "example-access-key-id",
    "secretAccessKey": "example-secret-key",
    "sessionToken": "example-session-token"
  },
  "success": true
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    "string"
  ],
  "result": {
    "accessKeyId": "example-access-key-id",
    "secretAccessKey": "example-secret-key",
    "sessionToken": "example-session-token"
  },
  "success": true
}