Onboarding Cloudflare DNS

Prerequisites

Before configuring the Cloudflare DNS integration in AppViewX, ensure that the Cloudflare API token is configured with the correct permissions, zone resources, and validity period. AppViewX requires these settings to perform Domain Control Validation (DCV) or ACME DNS-01 challenge validation.

Configure Permissions

Set the following permission for the API token:
Resource Permission Access Level
Zone DNS Edit
The DNS (Edit) permission enables AppViewX to create TXT records for DCV, update existing DNS records, delete DNS records, and read DNS zone details.
Note: During DNS automation, AppViewX retrieves the hosted zones list and validates the existence of zones as a prerequisite before creating DNS records.

Configure Zone Resources

Under Zone Resources, configure the scope of DNS zones that AppViewX can access:
  1. Set Include to Specific Zone.
  2. Add the required domain(s) that AppViewX will manage.
    Note: Restricting access to specific zones limits the token's scope to only the domains required for DCV, following the principle of least privilege.

Cloudflare Account ID

To locate your Cloudflare Account ID:
  1. Login to dash.cloudflare.com.
  2. Click on any domain.
  3. On the Overview page, scroll down to the API section on the right panel.
  4. Copy the Account ID listed alongside the Zone ID.

Configuring Cloudflare DNS

To configure Cloudflare DNS:
  1. Go to (Menu > CERT+ > ADMINISTRATION > DCV Management > Manage DDI services > Add new vendor.
    The Select vendor page is displayed.
  2. On the Select Vendor page, click Cloudflare.
  3. On the Vendor Configuration page, under the General section, enter or select the required field information.
    The following table describes the various fields in this section:
    Field Description
    *Name Enter a unique name to identify the vendor account which is being configured.
    Description Enter a description for the purpose of configuring this vendor, if required.
    Data center Select a data center from the options available in the dropdown list.
    *: Mandatory fields
  4. On the Vendor Configuration page, under the Credentials section, enter or select the required field information.
    The following table describes the various fields in this section:
    Field Description
    Auth Type Displays the Bearer Token method of authentication selected by default.
    *URL Enter API URL for the vendor with the HTTPS/HTTP protocol.
    Note: The API URL is same as the Hostname URL.
    Example: https://api.cloudflare.com/
    *Token Enter the API token generated in Cloudflare for DNS integration.
    *Account ID Enter the Cloudflare account ID for API integration.
    *: Mandatory fields
  5. Enable Use Proxy for the vendor.
  6. Enable Config sync for parsing the vendor.
  7. On the Vendor Configuration page, under the Configurations section, turn Off the Enable Advanced Config toggle.
  8. Click Finish.
    A "Vendor configuration saved successfully" confirmation message is displayed.

Validating the Vendor Configuration

  1. On the Integration Hub page, locate the configured vendor tile.
  2. Confirm that a green check mark (✔) appears on the tile this indicates the vendor is active and reachable.
  3. Click the View status icon on the tile to open the Vendor Status Log: (Vendor Name) dialog.
  4. Verify that the Authentication entry displays a Success status with a recent timestamp.