Replace key authorization with tokens

Author: maxvp

src/content/docs/cloudflare-one/applications/configure-apps/dash-sso-apps.mdx

@@ -72,8 +72,7 @@ If there is an issue with your SSO IdP provider, you can add an alternate IdP us
 
 ```bash title="cURL command"
 curl 'https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/identity_providers' \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "type": "onetimepin",
@@ -85,8 +84,7 @@ curl 'https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/identity_
 
 ```bash title="cURL command"
 curl 'https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/apps' \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 | jq '.result[] | select(.type == "dash_sso")'
 ```
 
@@ -105,8 +103,7 @@ curl 'https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/apps' \
 ```bash title="cURL command"
 curl --request PUT \
 'https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/apps/3537a672-e4d8-4d89-aab9-26cb622918a1' \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "id": "3537a672-e4d8-4d89-aab9-26cb622918a1",
@@ -126,8 +123,7 @@ The following API calls will disable SSO enforcement for an account. This action
 
 ```bash title="cURL command"
 curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/sso/v2/connectors \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>"
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN"
 ```
 
 ```json title="Response"
@@ -152,8 +148,7 @@ curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/sso/v2/connectors
 ```bash title="cURL command"
 curl --request PATCH \
 'https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/sso/v2/connectors/2828' \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "sso_connector_status": "DIS"

src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx

@@ -115,8 +115,7 @@ Currently, authentication tokens can only be generated through the API. You can
 
 ```bash
 curl "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/service_tokens" \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{"name":"ACME Corporation service token"}'
 ```
@@ -149,8 +148,7 @@ Save the service token's `client_id`, `client_secret`, and `id`.
 ```bash
 curl --request PUT \
 "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/organizations/doh/$SERVICE_TOKEN_ID" \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>"
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN"
 ```
 
 If you get an `access.api.error.service_token_not_found` error, check that `$SERVICE_TOKEN_ID` is the value of `id` and not `client_id`.
@@ -182,8 +180,7 @@ Create a new user and optionally add them to a group.
 
 ```bash
 curl "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/users" \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "name": "John Doe",

src/content/docs/cloudflare-one/connections/connect-devices/warp/configure-warp/device-profiles.mdx

@@ -36,8 +36,7 @@ Send a `POST` request to the [Devices endpoint](/api/resources/zero_trust/subres
 
 ```bash
 curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/devices/policy \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "allow_mode_switch": false,

src/content/docs/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-modes/device-information-only.mdx

@@ -3,10 +3,9 @@ pcx_content_type: how-to
 title: Enable Device Information Only
 sidebar:
   order: 2
-
 ---
 
-import { TabItem, Tabs } from "~/components"
+import { TabItem, Tabs } from "~/components";
 
 Device Information Only mode allows you to enforce device posture rules when a user connects to your [self-hosted Access application](/cloudflare-one/applications/configure-apps/self-hosted-public-app/). This mode relies on a client certificate generated from your account to establish trust between the Access application and the device.
 
@@ -17,8 +16,7 @@ To set up Device Information Only mode:
    ```bash
    curl --request PATCH \
    "https://api.cloudflare.com/client/v4/zones/{zone_id}/devices/policy/certificates" \
-   --header "X-Auth-Email: <EMAIL>" \
-   --header "X-Auth-Key: <API_KEY>" \
+   --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
    --header "Content-Type: application/json" \
    --data '{"enabled": true}'
    ```
@@ -68,7 +66,7 @@ The certificate name should match the **Device ID** in your WARP client **Prefer
    4. Change the **URI path** field to **Hostname**, and enter the domain you want to protect.
    5. Select **Deploy**. This creates a WAF custom rule that checks all requests to your domain for a valid client certificate.
 
-Device Information Only mode is now enabled on the device. To start enforcing device posture, set up a [WARP client check](/cloudflare-one/identity/devices/warp-client-checks/) and add a *Require* device posture rule to your [Access policy](/cloudflare-one/policies/access/). When the device connects to the Access application for the first time, the browser will ask to use the client certificate installed by WARP.
+Device Information Only mode is now enabled on the device. To start enforcing device posture, set up a [WARP client check](/cloudflare-one/identity/devices/warp-client-checks/) and add a _Require_ device posture rule to your [Access policy](/cloudflare-one/policies/access/). When the device connects to the Access application for the first time, the browser will ask to use the client certificate installed by WARP.
 
 <div class="large-img">
 

src/content/docs/cloudflare-one/connections/connect-networks/use-cases/ssh/ssh-infrastructure-access.mdx

@@ -119,8 +119,7 @@ To delete the SSH encryption public key using the [API](/api/resources/zero_trus
 
 ```sh
 curl --request PUT https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/audit_ssh_settings \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --data '{
   "public_key": ""
 }'

src/content/docs/cloudflare-one/insights/logs/audit-logs.mdx

@@ -44,8 +44,7 @@ The [Access authentication logs](/api/resources/zero_trust/subresources/access/s
 
 ```bash title="Request"
 curl "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/logs/access_requests?limit=25&direction=desc&since=2020-07-01T05:20:00Z&until=2020-10-01T05:20:00Z" \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>"
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN"
 ```
 
 ```json title="Response"

src/content/docs/cloudflare-one/policies/gateway/dns-policies/timed-policies.mdx

@@ -51,8 +51,7 @@ The following command creates a DNS policy to block `facebook.com` only on weekd
 
 ```bash
 curl "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules" \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "name": "office-no-facebook-policy",
@@ -78,8 +77,7 @@ The following command creates a DNS policy to block `clockin.com` only on weeken
 
 ```bash
 curl "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules" \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "name": "clock-in-policy",

src/content/partials/cloudflare-one/access/rule-group.mdx

@@ -28,8 +28,7 @@ Send a `POST` request to the [`/access/groups`](/api/resources/zero_trust/subres
 
 ```bash
 curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/groups \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "name": "Lisbon-team",

src/content/partials/cloudflare-one/gateway/lists.mdx

@@ -49,8 +49,7 @@ You can now use this list in the policy builder by choosing the _in list_ operat
 
 ```bash
 curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/lists \
---header "X-Auth-Email: <EMAIL>" \
---header "X-Auth-Key: <API_KEY>" \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{
   "description": "Private application IPs",