Cloudflare Docs
Cloudflare Fundamentals
Visit Cloudflare Fundamentals on GitHub
Set theme to dark (⇧+D)

Make API calls

Once you create your API token, all API requests are authorized in the same way. Cloudflare uses the RFC standard Authorization: Bearer <API_TOKEN> interface. An example request is shown below.

$ curl "<ZONE_ID>" \
-H "Authorization: Bearer YQSn-xWAQiiEh9qM58wZNnyQS7FUdoqGIUAbrh7T"

Never send or store your API token secret in plaintext. Also be sure not to check it into code repositories, especially public ones.

​​ Using Cloudflare’s APIs

Every Cloudflare API element is fixed to a version number. The latest version is Version 4. The stable base URL for all Version 4 HTTPS endpoints is:

For specific guidance on making API calls, refer to the following resources: