Scoped api token not working. Error 10000

Question

Scoped api token not working. Error 10000

maxfield-allison opened this issue 4 years ago · comments

Maxfield Allison commented 4 years ago

As the title says, workaround by using Global API Key.

Xployt · Answer 1 · Sun Jun 28 2020 10:09:31 GMT+0800 (China Standard Time)

Neither worked for me.

Maxfield Allison · Answer 2 · Mon Jun 29 2020 21:02:03 GMT+0800 (China Standard Time)

@Xpl0yt91 Try deleting the existing image and doing a fresh docker pull

Xployt · Answer 3 · Tue Jun 30 2020 04:37:47 GMT+0800 (China Standard Time)

@maxfield-allison got it working man, cheers.

Maxfield Allison · Answer 4 · Tue Jun 30 2020 04:43:15 GMT+0800 (China Standard Time)

@Xpl0yt91 Good to hear! If you add the tag :latest to the compose or command, you should be able to just run a down/up to get it to pull the newest.

Dave Conroy · Answer 5 · Tue Jun 30 2020 09:21:48 GMT+0800 (China Standard Time)

Thanks for sorting this out @maxfield-allison - I had a bit of an issue in the past 3 weeks with the Docker Images building on a fritz. It's been resolved now.

Maxfield Allison · Answer 6 · Tue Jun 30 2020 09:26:40 GMT+0800 (China Standard Time)

Good to hear! Thanks again for this excellent utility.

SmartHomeBeginner · Answer 7 · Thu Aug 13 2020 00:54:48 GMT+0800 (China Standard Time)

This PR would address the token support:

#10

Dave Conroy · Answer 8 · Sat Aug 22 2020 00:28:28 GMT+0800 (China Standard Time)

I have a beta version of upcoming release available
docker pull tiredofit/traefik-cloudflare-companion:develop

What you will need to do on this one is change the following environment variables:

API_MODE=SCOPED

CF_API_TOKEN=(yourscopedtoken)

Can you let me know if this works for you?

Dave Conroy · Answer 9 · Tue Aug 25 2020 02:39:04 GMT+0800 (China Standard Time)

Now rewritten as tiredofit/traefik-cloudflare-companion:6.0.0 in Python3

Ignore what I wrote above, that was using an older method.
Simply use your Scoped token in CF_TOKEN and set CF_EMAIL=None.

Maarten · Answer 10 · Thu Aug 27 2020 02:59:26 GMT+0800 (China Standard Time)

Can this be reopened? I'm still experiencing this. When setting CONTAINER_LOG_LEVEL=DEBUG

The logs show:

 curl -X GET "https://api.cloudflare.com/client/v4/zones/REDACTED/dns_records?name=REDACTED" \
            -H "User-Agent: python-cloudflare/2.8.13/python-requests/2.24.0/python/3.8.5" \
            -H "Content-Type: application/json" \
            -H "X-Auth-Email: None" \
            -H "X-Auth-Key: REDACTED"

Suggesting the python library is now trying to authenticate using email "None" and still using an X-AUTH-KEY. when using an API token it should be

~$ curl -X GET "https://api.cloudflare.com/client/v4/user/tokens/verify" \
>      -H "Authorization: Bearer vh9awGupxxxxxxxxxxxxxxxxxxx" \
>      -H "Content-Type:application/json" | jq

I'm reusing my API token from cloudflare-ddns so the keys must be right

Dave Conroy · Answer 11 · Thu Aug 27 2020 03:02:00 GMT+0800 (China Standard Time)

I've screwed this up. I'm going to get some time to look into this in a couple days.

Dave Conroy · Answer 12 · Fri Aug 28 2020 01:14:48 GMT+0800 (China Standard Time)

6.0.2 will fix this. I have just tested a few scenarios.

Jason Thekkekara · Answer 13 · Sun Sep 20 2020 13:36:02 GMT+0800 (China Standard Time)

I used a scoped API token with CF_EMAIL unset and it worked perfectly.

Maarten · Answer 14 · Sun Sep 20 2020 16:53:50 GMT+0800 (China Standard Time)

Absolutely correct. As mentioned by @tiredofit he fixed it (for me) with 6.0.2. Working as intended now. I guess this can be closed. Sorry for the late reply

Maxfield Allison · Answer 15 · Sun Sep 20 2020 21:50:51 GMT+0800 (China Standard Time)

Fixed by #10