Cloudflare Docs

Cloudflare Fundamentals

Cloudflare Docs

Cloudflare Fundamentals

Overview
Concepts
What is Cloudflare?
How Cloudflare works
Cloudflare IP addresses
Our free plan
Reference architectures
The Internet
How to use Cloudflare
Manage account
Create account
Verify email address
Log into Cloudflare
Account security
Allow Cloudflare access
Login and account issues
Manage active sessions
Multi-Factor Email Authentication
Provision with SCIM
Review audit logs
Secure compromised account
Set up SSO
Two-factor authentication
Zone holds
Account customizations
Account name
Appearance
Communication preferences
Language preference
Manage domains
Add a site
Add multiple sites via automation
Connect your domain
Manage subdomains
Move a domain between Cloudflare accounts
Pause Cloudflare
Redirect one domain to another
Remove a domain
Star websites
Manage members
Manage
Roles
Role scopes
Set up SSO
Accounts, zones, and profiles
Find zone and account IDs
Use Cloudflare without changing nameservers
Troubleshooting
Subscriptions and billing
Create billing profile
Billing Policy
Cancel Cloudflare subscriptions
Change domain plan
Change password or email
Change Super Administrator
Delete your Cloudflare account
Preview services
Troubleshoot failed payments
Understand Cloudflare invoices
Update billing information
Basic tasks
Improve SEO
Interacting with Cloudflare
Maintenance mode
Minimize downtime
Optimize site speed
Prevent DDoS attacks
Protect your origin server
Recovering from a hacked site
Scan for PCI compliance
Secure your website
Test speed
Trace a request
How to
Limitations
Changelog
Under a DDoS attack?
Cloudflare's API
Get started
Create API token
Get Global API key (legacy)
Get Origin CA keys
How to
Make API calls
Create tokens via API
Control API Access
Restrict tokens
Roll tokens
Reference
Limits
API token permissions
API token templates
API deprecations
SDKs
Troubleshooting
Building custom views
Reference
Policies
Cloudflare Cookies
Compliance documentation
Content Security Policies (CSPs)
Incident Management Policy
Project Cybersafe Schools
Report abuse
Review abuse policies
Complaint types
Providing specific URLs
Submit report
/cdn-cgi/ endpoint
Cloudflare and Google Analytics
Cloudflare crawlers
Cloudflare HTTP request headers
Cloudflare Ray ID
Cryptographic Attestation of Personhood
Glossary
Network Layers
Network ports
Partners
Redirects
TCP connections
Under Attack mode

Troubleshooting API tokens and keys

The token is not verified

Ensure the token has been verified by running the following curl command and confirming that the response returns "status": "active".

curl "https://api.cloudflare.com/client/v4/user/tokens/verify" \
-H "Authorization: Bearer <API_TOKEN>"

{  "success": true,  "errors": [],  "messages": [],  "result": {    "id": "f267e341f3dd4697bd3b9f71dd96247f",    "status": "active",    "not_before": "2018-07-01T05:20:00Z",    "expires_on": "2020-01-01T00:00:00Z"  }
}

The token has incorrect permissions

Review the permissions groups for your token in the Cloudflare dashboard. Refer to API token permissions for more information.

The incorrect syntax is used

Occasionally customers will attempt to use an API token with an API key syntax. Ensure you are using the Bearer option rather than the email and API key pair.

You have the incorrect user permissions

You cannot create a token that exceeds the permission granted to you on your account. For example, if you have been granted an Admin (Read only) role, you would need your Super Administrator to update your role so that you could create a token for yourself.