Restricted API keys

Doesn’t look like it. This uses different headers for authentication, so clients will need to be updated/changed.

+1 This is the only obstacle keeping me from becoming a Cloudflare customer.

We will be updating the client libraries we own to be compatible with API Tokens. The python library has not yet been updated.


I’m getting a 500 without any explanation while trying to use the purge_cache command. I’ve provisioned the api token with appropriate permissions and can use the “tokens/verify” to see that its valid. Is purge_cache implemented yet?

curl -i -X POST "<redacted>/purge_cache" \
>      -H "Authorization: Bearer <redacted>" \
>      -H "Content-Type: application/json" \
>      --data '{"purge_everything":true}'
HTTP/2 500
1 Like

Thanks for reporting. Someone else reported this issue and we are investigating. This seems to be a bug. Will let you know when we have a fix.


Hey @g2theg - exciting to see this in open beta! Thanks for your team’s work on this feature. Is there any chance that the wordpress plugin will get updated to handle the new scoped API keys in the next couple of months? Wondering whether I should wait for it or just use the worker edge cache plugin.

@kevin.g The purge cache issue should be resolved now. Let me know if you still run into issues.

1 Like

@joe35 we will be adding support for the wordpress plugin. We needed to do some internal work first which has just about finished. That will allow us to start on the plugin updates.

1 Like

Brilliant - looking forward to trying it out!

It’s not supported yet. I created an issue to track this feature request.

1 Like