how2itsec: May 2021

In order to verify your cloudflare API token, simply use the following command:

curl -X GET "https://api.cloudflare.com/client/v4/user/tokens/verify" \ > -H "Authorization: Bearer *YourCloudflareAPIToken*" \ > -H "Content-Type:application/json"

Example if your API token is valid:

user@lin:~#user@lin:~# curl -X GET "https://api.cloudflare.com/client/v4/user/tokens/verify" \ > -H "Authorization: Bearer YourCloudflareAPIToken" \ > -H "Content-Type:application/json"

{"result":{"id":"YourCloudflareID","status":"active"},"success":true,"errors":[],"messages":[{"code":10000,"message":"This API Token is valid and active","type":null}]}user@lin:~#user@lin:~#

Example if your API token is invalid:

user@lin:~#user@lin:~# curl -X GET "https://api.cloudflare.com/client/v4/user/tokens/verify" \ > -H "Authorization: Bearer WrongCloudflareAPIToken" \ > -H "Content-Type:application/json"

{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null} user@lin:~#

how2itsec

Howto verify your cloudflare API token

Splunk UseCase for attacks against FortiGate Firewall management interfaces

Impressum