DNS Update records with CURL
Hey...
Can anyone help me achieve the goal to update the an existent DNS record using a curl command?
I have tried so many things already without success.
ZONE_ID = information shown inside my zone domain, overview, under API
DNS_RECORD_ID = record ID that I want to change
EMAIL = email
API_KEY = created a aoi token with DNS:edit permitions
DNS_RECORD_NAME = subdomain.domain.tld
CURRENT_IP = IP to put in the record
Error i'm getting:
Any hints?
28 Replies
As you are using an API token, that auth header should be
--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" where $CLOUDFLARE_API_TOKEN has the same value as $CLOUDFLARE_API_KEY. You don't need the other X-Auth headersHey @Cyb3r-Jak3 , thanks for the help but using either PATCH or PUT methods, I'm getting the same error
{"success":false,"errors":[{"code":10000,"message":"PUT method not allowed for the api_token authentication scheme"}]}
anyone has any hint what can be the issue?
The token in use has the following permissions
@Cyb3r-Jok3 documentation states the need of auth-email and auth-key
https://developers.cloudflare.com/api/resources/dns/subresources/records/methods/edit/
Cloudflare API | DNS › Records › Update DNS Record
Interact with Cloudflare's products and services via the Cloudflare API
The docs don’t correctly show that you can use either. Token docs: https://developers.cloudflare.com/fundamentals/api/get-started/create-token/
Global Auth: https://developers.cloudflare.com/fundamentals/api/get-started/keys/
Cloudflare Docs
Create API token · Cloudflare Fundamentals docs
Learn how to create a token to perform actions using the Cloudflare API.
Cloudflare Docs
Get Global API key (legacy) · Cloudflare Fundamentals docs
Global API key is the previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API key.
I'm sorry but I've tested exactly that. There must be something wrong with my account. I have tried the API Token and the Global API key. Both deliver errors. I have recreated the tokens without any changes on the output of the commands
{"success":false,"errors":[{"code":10000,"message":"PATCH method not allowed for the api_token authentication scheme"}]}
{"success":false,"errors":[{"code":10001,"message":"Unable to authenticate request"}]}
Double check all your IDs
{"success":false,"errors":[{"code":10001,"message":"Unable to authenticate request"}]}is possible to get if your zone id isn't actually a zone id
{"success":false,"errors":[{"code":10000,"message":"PATCH method not allowed for the api_token authentication scheme"}]}in general w/ api keys indictates something's messed with your path (I know, very confusingly)
I did... I can use the same information to other CURLS such as
Your Zone ID is on the right side of the zone overview page (not in your url path)
good idea to throw on -vvv and see the path being requested
I'm getting my zone in the overview page and by running this
the dns record i want to update with this
when I run the update record:
{"success":false,"errors":[{"code":10000,"message":"PATCH method not allowed for the api_token authentication scheme"}]}
You need either
X-Auth-Email and X-Auth-Key when using the Global API Key
OR
Authorization: Bearer .... when using API Tokens
I'd add more logging there to see the $Zone_ID and $DNS_Record_ID as well
could also just hardcode the zone id just to test/skip one part that could be causing issues
like this?
error: {"success":false,"errors":[{"code":10000,"message":"PATCH method not allowed for the api_token authentication scheme"}]}
yea that's better but looks like your path is still messed up, would echo zone id/record id
I already did that without success
I'm going crazy
in the terminal, both values are CURLed from the API with the following headers
is I use the same headers rather than the ones in the image
Still doing the thing where X-auth-Email is unnecessary there
{"result":null,"success":false,"errors":[{"code":9207,"message":"Request body is invalid."}],"messages":[]}%
you have the semicolons inside of the quotes lol
the documentation in here: https://developers.cloudflare.com/api/resources/dns/subresources/records/methods/edit/
says
Cloudflare API | DNS › Records › Update DNS Record
Interact with Cloudflare's products and services via the Cloudflare API
if you're getting invalid body you're getting closer, but need to fix your body:
- Remove the semicolons from inside of the quotes
- Make ttl/proxied into a int and bool, not a string
- TTL needs to be 60s or higher for free
something like
ufff.. thank you for the help...
This worked
the only thing that didnt was the name
Shouldn't the documentation in here (https://developers.cloudflare.com/api/resources/dns/subresources/records/methods/edit/) be updated just to have the Authorizaton bearer header?
Cloudflare API | DNS › Records › Update DNS Record
Interact with Cloudflare's products and services via the Cloudflare API
it's more of a preference thing, both the global api key and api tokens will work, but yea api tokens are preferred
some of the docs are slowly being updated to prefer it, but each team maintains their own schema, so a fair bit of a mess
thanks for both your help @Chaika @Cyb3r-Jok3
I have found the documentation on Cloudflare assets a bit behind or confusing