Skip to content

AccountApiToken

Source: src/Cloudflare/ApiToken/AccountApiToken.ts

A Cloudflare account-owned API token (POST /accounts/{account_id}/tokens).

Account-owned tokens are managed at the account level and persist independently of any single user. Use these for CI tokens, third-party integrations, or anywhere the token should outlive an individual user’s session.

Creating account-owned tokens requires the caller to have the API Tokens > Write account permission.

Creating a Token

Section titled “Creating a Token”
const token = yield* Cloudflare.AccountApiToken("ci-token", {
  name: "my-ci-token",
  accountId,
  policies: [
    {
      effect: "allow",
      permissionGroups: [
        "Workers Scripts Write",
        "Workers KV Storage Write",
      ],
      resources: { [`com.cloudflare.api.account.${accountId}`]: "*" },
    },
  ],
});


yield* GitHub.Secret("cf-api-token", {
  owner: "me",
  repository: "my-repo",
  name: "CLOUDFLARE_API_TOKEN",
  value: token.value,
});