Cloudflare - User Guide

In this article, you will understand step by step how to easily integrate with Cloudflare

How to connect Cloudflare integration?

Step 1: Generate API token in Cloudflare

  • Log in to Cloudflare.
  • Go to "My Profile" by clicking the user icon at the top right.

  • Navigate to the "API tokens" option on the left-hand menu and then select "Create Token".

  • For a seamless experience without the need to reconnect the integration in the future, we highly recommend using the template and granting read access to all resources.
  • Select the option 'Use template' next to the 'Read all resources' option.


  • Edit the Token name field, for example: ScytaleToken.



  • Scroll down and click on "Continue to summary".

  • Click on "Create Token".

  • After generating the token, make sure to copy the token before leaving the page. 

Step 2: Login to Scytale application to connect Cloudflare

  • Click on the "Integrations" menu screen on the left-hand side.
  • Click on the Connect button under the Cloudflare icon.
  • Paste the API token that you generated in Cloudflare in step 1.
  • Connection Name - is used to differentiate between your connections.
    • For instance, if you manage multiple accounts or would like to connect multiple times to the integration. It's automatically titled (Connection 1,2,3 etc), but you can change it to a custom name to make it easier to identify.
  • Click "Connect".

✅ Click Done, Cloudflare is connected.

If you prefer not to give permissions to read all resources, you have the option to create a custom token in Cloudflare and specify the following permissions: 

  • Zone:Fraud Detection:Read

  • Zone: Config Rules:Read

  • Zone: Dynamic Redirect:Read

  • Zone: API Gateway:Read

  • Zone: HTTP DDoS Managed Ruleset:Read

  • Zone: Zone WAF:Read

  • Zone: Zone Settings:Read

  • Zone: Zone:Read

  • Zone: DNS:Read

  • Zone: Load Balancers:Read

  • Zone: Firewall Services:Read

  • Zone: SSL and Certificates:Read

  • User: Memberships:Read

  • User Details:Read

  • Account: SSL and Certificates:Read

  • Account: API Gateway:Read

  • Account: Access: SSH Auditing:Read

  • Account: Page Shield:Read

  • Account: Magic Firewall:Read

  • Account: L3/4 DDoS Managed Ruleset:Read

  • Account: Account WAF:Read

  • Account: DDoS Protection:Read

  • Account: Account Rulesets:Read

  • Account: Access: Organizations, Identity Providers, and Groups:Read

  • Account: Firewall Access Rules:Read

  • Account: Account Settings:Read