Workers KV "Query Request Analytics" endpoint should support Api Token auth

john.spurlock · July 28, 2021, 8:48pm

Currently, Workers KV Request Analytics [1] only supports Cloudflare’s Api Key auth. Using Api Keys is dangerous since keys have global read/write access to the account. Api Tokens can be scoped, and have been supported in other Cloudflare endpoints for some time [2].

This account-level read-only analytics endpoint should support Api Token auth, especially since there is now is an Account-level “Account Analytics” token permission that would map perfectly to this use case.

[1] Cloudflare API v4 Documentation
[2] Announcing the General Availability of API Tokens

azhao · July 29, 2021, 10:49pm

Thanks for taking the time to write this! The team will review this as a feature request.

john.spurlock · July 29, 2021, 11:15pm

Thank you! Looking forward to it.

You probably already captured this in the feature request, but both KV Request Analytics and KV Stored Data Analytics [3] (both of the custom KV analytics endpoints) should be fixed together

[3] Cloudflare API v4 Documentation

Topic		Replies	Views
Workers analytics via the api? Workers	1	2219	March 31, 2020
Cloudflare Workers as an API endpoint Workers	3	2314	June 8, 2022
Cross Account KV Workers	1	2119	January 3, 2022
Workers KV Analytics - per-KV analytics? Workers	4	2488	February 16, 2021
Rate Limiting and access KV by workers API	3	2140	September 21, 2020

Workers KV "Query Request Analytics" endpoint should support Api Token auth

Related topics