Skip to main content

Cloudflare Authentication Credentials

Description

General

  • Documentation: https://api.cloudflare.com/

  • Summary: Cloudflare supports OAuth2 authentication credentials for third-party applications and integrations. These credentials are used to obtain access tokens, which allow authorized applications to interact with the Cloudflare API on behalf of a user.

  • IPs allowlist: As of the time of writing this documentation, IP allowlisting is not supported for OAuth2 credentials.

  • Scopes: OAuth2 credentials can be configured with specific scopes during the application setup in the Cloudflare dashboard. Scopes define the level of access granted to the application, such as read-only access to zones, DNS management, or full account access. Custom scopes can be defined to restrict access to specific resources or actions.

Revoke the secret

To revoke access, navigate to the Cloudflare OAuth Apps section in the dashboard. Additionally, any active access tokens issued to the application can be revoked individually.

Check for suspicious activity

Cloudflare provides audit logs to monitor OAuth2-related activity, including token issuance and usage. Suspicious activity, such as unauthorized token generation or API calls, can be reviewed in the audit logs. For more details, refer to the audit logs documentation.

Details for Cloudflare auth email

  • Family: credentials

  • Category: cdn

  • Company: Cloudflare

  • High recall: False

  • Validity check available: True

  • Analyzer available: False

  • On-premise instances exist: False

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 4.92

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- cloudflare

Examples

- text: |
email="foo.bar@mail.com", apikey="78aa565a1a17665b5c6444b96fd9175a45f6f", endpoint="https://api.cloudflare.com/client/v4/"
client_id: 'foo.bar@mail.com'
client_secret: '78aa565a1a17665b5c6444b96fd9175a45f6f'
- text: email="foo.bar@mail.com", apikey="78aa565a1a17665b5c6444b96fd9175a45f6f", endpoint="https://api.cloudflare.com/client/v4/"

client_id: foo.bar@mail.com
client_secret: 78aa565a1a17665b5c6444b96fd9175a45f6f