Getting access to the Cloudflare API
Using the Cloudflare API, requires authentication so that Cloudflare knows who is making requests and what permissions they have. An API Token can be created to grant access to the API to perform actions. See for more on this.
Legacy Note: Existing customers may be familiar with API Keys. These allow for less granular access and each user can only have one. For these reasons, we advice customers using API Keys to transition to using API Tokens.
Making API Calls
Once you have your API Token created, all API requests are authorized in the same way. Cloudflare uses the
Authorization: Bearer <Token> interface. When used in an example Cloudflare API request it looks like this:
curl -X GET "https://api.cloudflare.com/client/v4/zones/<ACCOUNT_ID>" \-H "Content-Type:application/json" \-H "Authorization: Bearer YQSn-xWAQiiEh9qM58wZNnyQS7FUdoqGIUAbrh7T"
The above example is just that, an example. Never send anyone or store you API Token secret in plaintext. Also be sure not to check it into code repositories especially public ones like on github.
Finding your zone and account IDs
When using the Cloudflare API, you will need to know your Account ID and Zone ID.
Using Cloudflare’s APIs
For specific guidance on making API calls, see the following: