What is the best way to set up a Cloudflare account for a small team?
What steps have you taken to resolve the issue?
I am part of a 4-person team managing a website for a free open-source project. We all want to be equal team members: we want the project to be able to continue seamlessly if one of us suddenly becomes unavailable. At the same time, we don’t want to share billing information with each other (we don’t want each other to see our full credit card numbers).
Should we all be super-administrators, or should there only be one super-administrator? If there is only one super-admin, we expose ourselves to the risk at Cloudflare super administrator has left our company. If we are all super-admins, then would we see each other’s billing information?
There’s also the question of how we set up the account in the first place. We’re a team and we each work in different companies, so we can’t use a company email address. We don’t want to use anyone’s personal account. The best I can think of is to create a new special email address and then somehow share the account among the four of us, but that’s surprisingly hard to do. I wish Cloudflare had a concept of an “organization” like GitHub.
Add one Super Administrator.
Add others as Administrators and create Account / API Tokens for each member to separate privileges and more.
If it’s a company already, you’ve got someone who’s responsible for financial part, right? A single person can manage payment/billing then or 3rd-party contractor.
If you’re worried about the risk of one person leaving, then having multiple super-administrators is a reasonable approach. However, it’s important to note that Cloudflare’s billing information can be accessed by anyone with super-admin permissions.
Assign one person as the super-admin for billing purposes only. This person will manage the billing information and subscriptions but won’t necessarily have broader administrative rights.
Other team members can be admins with sufficient permissions to manage the configuration and day-to-day operations of the Cloudflare account (DNS settings, firewalls, etc.). These admins wouldn’t have access to billing details, so they won’t see or alter credit card information.
Given that you’re working from different companies and don’t want to use a personal email address, creating a shared team email address (such as [email protected]) is indeed the right approach. You can set up a forwarding rule to ensure all team members can access the account.