From f5dec6c3c343ac534d57f077fb1fa27e3f547afa Mon Sep 17 00:00:00 2001 From: Kate Tungusova Date: Mon, 16 Jun 2025 17:55:43 -0700 Subject: [PATCH 1/3] [CF1] DoH and service tokens --- .../connect-devices/agentless/dns/dns-over-https.mdx | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx index 421ea08592a3a6..c539be17b3f403 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx @@ -124,6 +124,8 @@ Currently, authentication tokens can only be generated through the API. You can ### 1. Create a service token for the account +Each Cloudflare account can only have one active Access [service token](/cloudflare-one/identity/service-tokens/) authorized for DNS over HTTPS (DoH) at a time. + ```bash curl "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/access/service_tokens" \ --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ @@ -164,6 +166,12 @@ curl --request PUT \ If you get an `access.api.error.service_token_not_found` error, check that `$SERVICE_TOKEN_ID` is the value of `id` and not `client_id`. +:::note + +Although you can create multiple valid service tokens, only one service token can be designated for issuing DoH tokens. Calling the API to enable DoH on a new service token replaces the previously active service token. This can cause intermittent failures if a new token overrides each other’s tokens. + +::: +
```json From fa9b404d06936944b0be0ac26a55be5c32019faf Mon Sep 17 00:00:00 2001 From: Kate Tungusova Date: Tue, 17 Jun 2025 11:32:45 -0700 Subject: [PATCH 2/3] final update --- .../connect-devices/agentless/dns/dns-over-https.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx index c539be17b3f403..a711d5bebf5282 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx @@ -168,7 +168,7 @@ If you get an `access.api.error.service_token_not_found` error, check that `$SER :::note -Although you can create multiple valid service tokens, only one service token can be designated for issuing DoH tokens. Calling the API to enable DoH on a new service token replaces the previously active service token. This can cause intermittent failures if a new token overrides each other’s tokens. +Although you can create multiple valid service tokens, only one service token can be designated for issuing DoH tokens. Calling the API to enable DoH on a new service token replaces the previously active service token. This can cause intermittent failures If a new token overrides an active service tokens, the API call will fail. ::: From eeae7e172831f7e54bec35d46f1621d28caff2e2 Mon Sep 17 00:00:00 2001 From: Kate Tungusova <70746074+deadlypants1973@users.noreply.github.com> Date: Wed, 18 Jun 2025 14:37:35 -0700 Subject: [PATCH 3/3] Update src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx Co-authored-by: James Royal --- .../connect-devices/agentless/dns/dns-over-https.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx index a711d5bebf5282..adbcde2a7851a2 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/agentless/dns/dns-over-https.mdx @@ -168,7 +168,7 @@ If you get an `access.api.error.service_token_not_found` error, check that `$SER :::note -Although you can create multiple valid service tokens, only one service token can be designated for issuing DoH tokens. Calling the API to enable DoH on a new service token replaces the previously active service token. This can cause intermittent failures If a new token overrides an active service tokens, the API call will fail. +Although you can create multiple valid service tokens, only one service token can be designated for issuing DoH tokens. Calling the API to enable DoH on a new service token replaces the previously active service token. If a new token overrides an active service token, the API call will fail. :::