I am very happy to see that the ability to create sub-users has been lowered to all customers. It is still really needed to have the ability to modify the permissions of sub-users.
I have several people I would like to grant access to be able to clear the Cloudflare Cache, but I do not want them to have full administrator access to the entire account.
The API is not really a solution to this problem for me as the security around that is very weak. Using the API completely removes the security benefit of having 2FA on your account. There is also no ability to restrict the use of the API to certain IP’s. It’s essentially a root password to your account with no additional security around it.
I would love it if Cloudflare could add the ability to limit permissions on user and API accounts. It would also be very great if you could limit API usage to specific IP’s.