Ensure the token has been verified by running the followingcurl command and confirming that the response returns"status": "active".
curl"https://api.cloudflare.com/client/v4/user/tokens/verify"\--header"Authorization: Bearer <API_TOKEN>"{"success":true,"errors":[],"messages":[],"result":{"id":"f267e341f3dd4697bd3b9f71dd96247f","status":"active","not_before":"2018-07-01T05:20:00Z","expires_on":"2020-01-01T00:00:00Z"}}Review the permissions groups for your token in theCloudflare dashboard ↗. Refer toAPI token permissions for more information.
Occasionally customers will attempt to use an API token with an API key syntax. Ensure you are using the Bearer option rather than the email and API key pair.
You cannot create a token that exceeds the permission granted to you on your account. For example, if you have been granted anAdmin (Read only) role, you would need your Super Administrator to update your role so that you could create a token for yourself.
- Resources
- API
- New to Cloudflare?
- Products
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- © 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark
