Back to guides

Create the Cloudflare token to publish landings

Create a Cloudflare API token with the 4 right permissions (Workers + DNS + Zone) and add it to RoyLead to publish landings on your own domain.

Updated on June 22, 2026


RoyLead publishes your landings to your own Cloudflare account, on your domain (yourdomain.com/path). You just need an API token with a few permissions (RoyLead derives the Account ID from the token). Nothing leaves your account: we use your key.

First: the domain must be on Cloudflare

To publish on yourdomain.com/..., that domain must be managed by Cloudflare (nameservers pointed to Cloudflare). If it's still on GoDaddy / Namecheap / elsewhere:

  1. On Cloudflare → Add a site → enter the domain.
  2. Cloudflare gives you 2 nameservers → go to your registrar (where you bought the domain) and replace the nameservers with Cloudflare's.
  3. Wait until the status becomes Active (usually minutes/hours).

A domain already on Cloudflare is ready right away.

1. Create the token (4 permissions)

  1. Go to Cloudflare → API TokensCreate TokenCreate Custom Token.

    User API Tokens list with the "Create Token" button top-right
    User API Tokens list with the "Create Token" button top-right

    Create API Token page: choose "Create Custom Token"
    Create API Token page: choose "Create Custom Token"

  2. Token name: anything (e.g. RoyLead Landing).

  3. Permissions — add 4 rows (the "+ Add more" button for each). Each row has 3 menus: type (Account/Zone) · permission · level:

    TypePermissionLevel
    AccountWorkers ScriptsEdit
    ZoneWorkers RoutesEdit
    ZoneDNSEdit
    ZoneZoneRead

    Custom token form with the 4 permissions filled in: Workers Scripts, Workers Routes, DNS, Zone
    Custom token form with the 4 permissions filled in: Workers Scripts, Workers Routes, DNS, Zone

  4. Account Resources: Include → All accounts (leave as is).

  5. Zone Resources (appears as soon as you add a Zone permission): Include → All zones.

  6. Client IP Filtering and TTL: leave them empty.

  7. Continue to summary: it must show all 4 permissions

    • All accountsWorkers Scripts:Edit
    • All zonesDNS:Edit, Zone:Read, Workers Routes:Edit

    Then Create Tokencopy the token (shown only once).

    Token API summary with the 4 correct permissions: Workers Scripts, DNS, Zone, Workers Routes
    Token API summary with the 4 correct permissions: Workers Scripts, DNS, Zone, Workers Routes

2. In RoyLead — Settings → AI Tools → Cloudflare

Paste the API tokenSave. (RoyLead derives the Account ID from the token — you don't need to look it up.) When the badge shows Configured (green), you're set.

Publishing

In RoyLead → Landing pagesNew landing (editor): pick a name + domain, write the HTML in the editor, then Publish. The landing goes live at yourdomain.com/<path> (the RoyLead tracker is injected automatically). On the first deploy, SSL can take a few minutes.

💡 Notes

  • The token is stored encrypted; to rotate it, create a new token on Cloudflare and paste it again.
  • The 4 permissions are the minimum: upload the page (Workers Scripts), route the path (Workers Routes), manage DNS, read your domains (Zone).

Ready to put this into practice?

Create your RoyLead account and start in minutes.

Get started free