How any kind of API access (or API granularity) is being used, is be up to the individual implementer to decide.
Similarly to e.g. “Titles & Meta Settings”, “General Settings”, “Sitemap Settings”, “404 Monitor Log”, and so on, taken from your second link with Rank Math above, they could also have implemented a “Cache Purge” privilege, if they wanted to.
I would therefore suggest you to send your suggestions regarding this towards the actual shop system that you’re using, such as for example by asking them to make it possible to add a such “Cache Purge” privilege to individual roles, so that you can grant that permission for your shop managers.
It is not the case. Shop managers are not my admin in wp-admin side.
So they can’t reach all settings in wordpress’s admin page.
Even we use role manager plugin to trim their permissions more. So they can’t mistakenly change theme or damage website.
If we open cloudflare’s whole access to them through wep-admin we have to open too much.
Instead of that, cloudflare plugin should have flush cache setting in top admin bar and it should be based on role.
So we don’t have to deal with these issues.