CD
Cloudflare Developers2w ago
martinklepsch

I'm running into a somewhat frustrating

I'm running into a somewhat frustrating auth error when trying to trigger or list workflows via the cloudflare npm package …
7 Replies
martinklepsch
martinklepschOP2w ago
curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/workflows \
    -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \
    -H "X-Auth-Key: $CLOUDFLARE_API_KEY"
curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/workflows \
    -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \
    -H "X-Auth-Key: $CLOUDFLARE_API_KEY"
I have the following permissions for the API KEY: Workers Tail:Read, Workers Scripts:Edit, Workers Scripts:Read but I keep ketting this 400 error: 
{"success":false,"errors":[{"code":10001,"message":"Unable to authenticate request"}]}
{"success":false,"errors":[{"code":10001,"message":"Unable to authenticate request"}]}
I double checked the values are present by printing them in the same script
Seekerdasbatatas
Seekerdasbatatas2w ago
what happens if you use the same API token but with Authorization: Bearer $CLOUDFLARE_API_KEY?
martinklepsch
martinklepschOP2w ago
Same error: 
curl https://api.cloudflare.com/client/v4/accounts/$CLOUDFLARE_ACCOUNT_ID/workflows \
   -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \
   -H "Authorization: Bearer $CLOUDFLARE_API_KEY"
curl https://api.cloudflare.com/client/v4/accounts/$CLOUDFLARE_ACCOUNT_ID/workflows \
   -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \
   -H "Authorization: Bearer $CLOUDFLARE_API_KEY"
also tried without the email @Matt Silverlock - hope you don't mind the ping — is there anything I'm missing here? I created an API token in the dashboard but can't seem to auth against any workflow APIs
Matt Silverlock
Matt Silverlock2w ago
Remove the X-Auth-Email - just the single bearer token: https://developers.cloudflare.com/fundamentals/api/get-started/create-token/
Matt Silverlock
Matt Silverlock2w ago
Fresh token just created. 
➜  curl -s "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/workflows" \
   -H "Authorization: Bearer ${WORKFLOWS_TOKEN}" | jq -c '.result[0]'
{"created_on":"2025-03-25T17:49:44.211Z","modified_on":"2025-03-25T17:50:06.122Z","name":"workflows-starter-deploy-to-workers-test","id":"99f5923d-c5af-4a19-8111-c19c0d5beed4","script_name":"workflows-starter-deploy-to-workers-test","triggered_on":"2025-03-25T17:50:06.122Z","class_name":"MyWorkflow","instances":{"queued":0,"running":0,"paused":0,"errored":0,"terminated":0,"complete":1,"unknown":0,"waitingForPause":0,"waiting":0}}
➜  curl -s "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/workflows" \
   -H "Authorization: Bearer ${WORKFLOWS_TOKEN}" | jq -c '.result[0]'
{"created_on":"2025-03-25T17:49:44.211Z","modified_on":"2025-03-25T17:50:06.122Z","name":"workflows-starter-deploy-to-workers-test","id":"99f5923d-c5af-4a19-8111-c19c0d5beed4","script_name":"workflows-starter-deploy-to-workers-test","triggered_on":"2025-03-25T17:50:06.122Z","class_name":"MyWorkflow","instances":{"queued":0,"running":0,"paused":0,"errored":0,"terminated":0,"complete":1,"unknown":0,"waitingForPause":0,"waiting":0}}
No description
Matt Silverlock
Matt Silverlock2w ago
@martinklepsch - use the verify endpoint to test it (in the doc I linked)
No description
martinklepsch
martinklepschOP2w ago
That does work! thanks! Now I guess I'm still wondering, is there a way to use this with the cloudflare package? I tried the obvious of not passing an email but that didn't seem to work And the docs don't mention the bearer auth ah, pass as apiToken: 
const client = new Cloudflare({
  apiToken: process.env.CLOUDFLARE_API_KEY!,
});
const client = new Cloudflare({
  apiToken: process.env.CLOUDFLARE_API_KEY!,
});
Thanks @Matt Silverlock -- appreciate it!

Did you find this page helpful?