Skip to content

ImagesSigningKey

Source: src/Cloudflare/Images/SigningKey.ts

A Cloudflare Images signing key — an HMAC key used to generate signed image delivery URLs (?sig= tokens) for images that require signed URLs.

Cloudflare allows at most two keys per account, supporting a create-second/migrate/delete-first rotation model, and refuses to delete the last remaining key. Re-PUTting an existing key name rotates (i.e. regenerates) its value, so this resource is existence-only: once the key exists, redeploys never re-PUT and the key material stays stable.

Requires the Cloudflare Images subscription; accounts without it receive the typed ImagesAccessNotEnabled error.

Creating a Signing Key

Section titled “Creating a Signing Key”

Key with a generated name

const key = yield* Cloudflare.ImagesSigningKey("UrlSigner", {});

Key with an explicit name

const key = yield* Cloudflare.ImagesSigningKey("UrlSigner", {
  name: "my-app-signer",
});

Using the key

Section titled “Using the key”
// The key material is redacted — pass it to your URL signer:
const secret = key.value; // Redacted<string>