Clarify permissions for notifications and webhooks #20741
Conversation
It was implied that customers could scope down notification creation access to particular products. This isn't true at the current time. A customer with account edit permissions can create any account level notification policy, similarly a token with "Account Settings: Edit" can create any kind of notification policy. The restrictions on creation of policies depends on the products that an account is entitled to (e.g enterprise, business, professional or free). I also clarified that webhooks are available to everyone with a paid service, for example if you pay for Cloudflare Workers you get webhooks.
|
Howdy and thanks for contributing to our repo. The Cloudflare team reviews new, external PRs within two (2) weeks. If it's been two weeks or longer without any movement, please tag the PR Assignees in a comment. We review internal PRs within 1 week. If it's something urgent or has been sitting without a comment, start a thread in the Developer Docs space internally. PR Change SummaryClarified permissions related to notifications and webhooks in the documentation.
Modified Files
How can I customize these reviews?Check out the Hyperlint AI Reviewer docs for more information on how to customize the review. If you just want to ignore it on this PR, you can add the Note specifically for link checks, we only check the first 30 links in a file and we cache the results for several hours (for instance, if you just added a page, you might experience this). Our recommendation is to add |
workers-devprod
added
the
contribution
|
Congratulations @jasoncabot, the maintainer of this repository has issued you a holobyte! Here it is: https://holopin.io/holobyte/cm8yr1owu00330cjoh3tuj5in This badge can only be claimed by you, so make sure that your GitHub account is linked to your Holopin account. You can manage those preferences here: https://holopin.io/account. |
* Clarify permissions for notifications and webhooks It was implied that customers could scope down notification creation access to particular products. This isn't true at the current time. A customer with account edit permissions can create any account level notification policy, similarly a token with "Account Settings: Edit" can create any kind of notification policy. The restrictions on creation of policies depends on the products that an account is entitled to (e.g enterprise, business, professional or free). I also clarified that webhooks are available to everyone with a paid service, for example if you pay for Cloudflare Workers you get webhooks. * Small edit --------- Co-authored-by: Denise Peña <[email protected]>
3 participants
Please feel free to re-word / clarify the edits, I wanted to provide a bit more detail with the permissions.
Summary
It was implied that customers could scope down notification creation access to particular products. This isn't true at the current time.
A customer with account edit permissions can create any account level notification policy, similarly a token with "Account Settings: Edit" can create any kind of notification policy.
The restrictions on creation of policies depends on the products that an account is entitled to (e.g enterprise, business, professional or free).
I also clarified that webhooks are available to everyone with a paid service, for example if you pay for Cloudflare Workers you get webhooks.
Screenshots (optional)
n/a
Documentation checklist