Account Linking Alexa with Cloudflare

Hi all,

Based on this post (already closed), I was thinking on secure the account linking for my Alexa Skill (only used for Home Assistant).

Another approach which is already working on my environment is by using a Cloudflare Service Token just like it’s described here but I don’t like the idea to set public the function URL because I cannot enable IAM due to the request is generated by Aexa App during account linking.

Do you know if the solution shared by @dsm requires an Enterprise plan? Or it’s enough secure by following the cloudflare docs but setting the Service Auth policy in my Application to Include → Valid Certificate → Any valid certificate will be matched.? cc/ @jklimek

Also, @dsm if you are reading this:

  • What’s BASE_URL_EX?
  • Should I modify something to provide cert_file='client.pem', key_file='key.pem', cert_reqs='CERT_REQUIRED' in:
        http = HTTPSConnectionPool(base_url_ex, cert_file='client.pem', key_file='key.pem', cert_reqs='CERT_REQUIRED')

        #http = urllib3.connection_from_url(
        #    base_url,
        #    cert_file='client.pem',
        #    key_file='key.pem',
        #    cert_reqs='CERT_REQUIRED' if verify_ssl else 'CERT_NONE')

Thanks in advance for your support community!

I cannot edit my post due to permissions, the correct URLs are:

  • Old closed post:
  • Different approach using Service Tokens:
  • Cloudflare docs:


The solution I previously posted about seems to be working just fine, you can have up to 5 firewall rules from memory on the free plan. At some point the certs will expire and I’ll need to refresh but that’s a few years away yet. I’ve confirmed multiple times that devices without the certs get rejected so it seems to be doing it’s job correctly.

The BASE_URL_EX is just the URL without the leading https://. So BASE_URL would be and BASE_URL_EX would be

Hope this helps.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.