Cloudflare Autologin

Hey CF community!

My name's Michael and i've been using Cloudflare for a few years now. I run a web development firm so I run all my clients on Cloudflare. Based on their needs and requests, they get different Cloudflare plans. I recently built a dashboard to help me manage all of the clients so I am going to start using CF APIs for my dashboard to get analytics and execute actions. I have a particular section in the dashboard for client management, each of the buttons in the table opens a new tab and automatically logs into whichever target its pointed to. For instance, here's the flow:
  • Website (Opens client site)
  • Web Admin (Opens client’s admin panel-- Wordpress or Shopify generally, if it’s all custom this field will be empty.)
  • cPanel (Autologs in)
  • Webmail (Autologs in)
  • Cloudflare (???)

I understand Cloudflare generates a token each time for user logins for security purposes
I also understand there has probably never been a need for what I’m asking.
Here are my questions:

  1. Is there currently a method of executing autologins based on URLs or cURL requests?
    1a. If there is someone please direct me to the method
  2. If it’s not already a thing, can I make something to auto log me in to my account to manage my clients’ sites?
    2a. Is it against the rules?
  3. If all is well and i’m able to do this it would be for use for my team only and if this doesn’t violate any rules i’d gladly build a file to share with the community if they have similar needs.

I’ve dealt with Cloudflare support before and I love the service. This is my first time making a community topic. Thank you for reading. If you don’t have an answer but are curious, i’m interested to hear what you have to say so drop a reply! Thanks again, have a good one guys.

Here’s my dashboard:

Dashboard:

Not as far as I am aware.

There are no such rules per se, however I’d consider it a grey area. Also, that most likely wouldnt be exactly a stable solution, as Cloudflare could change the login mechanism at any time. Also also, there are cases where it would simply fail due to a captcha or verification prompt.

Can it be done? Without having looked too much into the workflow, probably yes. Would I do it? Equally probably no :slight_smile:

1 Like

Hey, thanks for the speedy reply. I have a background in developing automated software so the captcha wouldn’t be such a big problem but yeah I’m prepared for altering my code per Cloudflare updating the login system. Thank you again. Cheers.

The captcha should and will be a problem, unless you plan to have your users solve it manually, in which case the automated login will be less useful. Also, dont forget about the occasional email verification.

Overall, I’d say let your users log in manually. If there is a specific task you want to do, use the dedicated HTTP interface.