> ## Documentation Index
> Fetch the complete documentation index at: https://conductorone-docs-mcp-bridge-private-server.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Set up a Cloudflare connector

> C1 provides identity governance and just-in-time provisioning for Cloudflare. Integrate your Cloudflare instance with C1 to run user access reviews (UARs), enable just-in-time access requests, and automatically provision and deprovision access.

<Tip>
  **A newer version of this connector is available.** This version of the connector is no longer available for installation. If you're setting up a Cloudflare connector with C1 for the first time, use the [v2 version](/baton/cloudflare).
</Tip>

## Capabilities

* Sync user identities from Cloudflare to C1

* Resources supported:
  * Roles

* Provisioning supported:
  * Role assignments
  * Accounts

## Add a new Cloudflare connector

<Warning>
  This task requires either the **Connector Administrator** or **Super Administrator** role in C1.
</Warning>

<Steps>
  <Step>
    In C1, navigate to **Integrations** > **Connectors** and click **Add connector**.
  </Step>

  <Step>
    Search for **Cloudflare** and click **Add**.
  </Step>

  <Step>
    Choose how to set up the new Cloudflare connector:

    * Add the connector to a currently unmanaged app (select from the list of apps that were discovered in your identity, SSO, or federation provider that aren't yet managed with C1)

    * Add the connector to a managed app (select from the list of existing managed apps)

    * Create a new managed app

    <Tip>
      **Do you SSO into Cloudflare using your identity, SSO, or federation provider?** If so, make sure to add the connector to the unmanaged Cloudflare app that was created automatically when you integrated your provider with C1, rather than creating a new managed app.
    </Tip>
  </Step>

  <Step>
    Set the owner for this connector. You can manage the connector yourself, or choose someone else from the list of C1 users. Setting multiple owners is allowed.

    <Warning>
      A Cloudflare connector owner must have the following permissions:

      * **Connector Administrator** or **Super Administrator** role in C1
      * **Super Administrator** access in Cloudflare
    </Warning>
  </Step>

  <Step>
    Click **Next**.
  </Step>
</Steps>

### Next steps

* **If you are the connector owner**, proceed to Configure your Cloudflare connector]\(/baton/v1/cloudflare#configure-your-cloudflare-connector) for instructions on integrating Cloudflare with C1.

* **If someone else is the connector owner**, C1 will notify them by email that their help is needed to complete the setup process.

## Configure your Cloudflare connector

<Warning>
  A user with the **Connector Administrator** or **Super Administrator** role in C1 and **Super Administrator** access in Cloudflare must perform this task.
</Warning>

### Step 1: Locate your Cloudflare Account ID

<Steps>
  <Step>
    Log into your Cloudflare Super Administrator account and select **Workers** from the left nav.
  </Step>

  <Step>
    On the **Workers** page, find your Account ID on the right side of the page.
  </Step>

  <Step>
    Copy and save the Account ID. We'll use it in Step 3.
  </Step>
</Steps>

### Step 2: Create an API token

<Steps>
  <Step>
    Click the user icon and select **My Profile**
  </Step>

  <Step>
    Click **API Tokens** on the left side, then click **Create Token**.
  </Step>

  <Step>
    At the bottom of the page, in the **Custom Token** area, click **Get started**.
  </Step>

  <Step>
    Fill out the **Create Custom Token** page as follows:

    1. Give the API token a name, such as **C1**
    2. Set the appropriate permissions for the API token:
       * To provision Cloudflare access via C1 and run access reviews on your Cloudflare users:
         * Account -> Account Settings -> Edit
         * Account -> Access: Organizations, Identity Providers, and Groups -> Read
       * To run access reviews on your Cloudflare users:
         * Account -> Account Settings -> Read
         * Account -> Access: Organizations, Identity Providers, and Groups -> Read
    3. Click **Continue to summary**
  </Step>

  <Step>
    Click **Create Token** and copy the token generated for you. We'll use it in Step 3.
  </Step>
</Steps>

### Step 3: Add your Cloudflare credentials to C1

<Steps>
  <Step>
    In C1, navigate to the Cloudflare connector by either:

    * Clicking the **Set up connector** link in the email you received about configuring the connector.

    * Navigate to **Connectors** > **Cloudflare** (if there is more than one **Cloudflare** listed, click the one with your name listed as owner and the status **Not connected**).
  </Step>

  <Step>
    Find the **Settings** area of the page and click **Edit**.
  </Step>

  <Step>
    Enter the account ID you looked up in Step 1 into the **Account ID** field.
  </Step>

  <Step>
    Paste the API token you generated in Step 2 into the **API key** field.
  </Step>

  <Step>
    Click **Save**.
  </Step>

  <Step>
    The connector's label changes to **Syncing**, followed by **Connected**. You can view the logs to ensure that information is syncing.
  </Step>
</Steps>

**Done.** Your Cloudflare connector is now pulling access data into C1.