Closed josephrocca closed 1 year ago
Yes, we are planning to use the new API Token, which can have a restricted scope.
I believe it's now possible to restrict your API token to a specific zone. Closing this issue because the templates have moved over to the worker-sdk monorepo: https://github.com/cloudflare/workers-sdk/tree/main/templates.
if you're still experiencing issues feel free to open an issue there.
The instructions for the HTML edge cache use the global Cloudflare API key - I'm wondering whether it's possible to use a zone-specific one for better security? If so, is there any chance the instructions could be updated with the specific permissions required by the token and any extra steps required to use a non-global token?