What is Multi-User?
Multi-User accounts allow a group of users to share access to a group of websites' Cloudflare settings. Administrators in a Multi-User account can delegate access to other members, so that not every member can change every Cloudflare setting.
How does Multi-User work?
In Multi-User an organization controls one or more website, and invites users to be able to edit Cloudflare settings on those websites. A user can belong to one or more organization, and have different permissions for each organization that they belong to.
How do I create a Multi-User account?
Multi-User is an Enterprise level feature. To enable Multi-User, get in touch with our sales team.
Can a user belong to more than one Multi-User organization?
Yes, a user can belong to more than one Multi-User organizations.
Here's an example:
User A is part of two organizations: Orange Cloud and Grey Cloud.
Orange Cloud invites User A as a DNS Admin. Grey Cloud invites User A as a Firewall Admin.
When User A logs into their personal Cloudflare account, they will see all of Orange Cloud's zones, all of Grey Cloud's zones, and all of their personal zones. They have DNS permissions for all the zones belonging to Orange Cloud, firewall permissions for all the zones belonging to Grey Cloud and Super Admin access to their own zones.
Orange Cloud and Grey Cloud are still totally separate. User A just happens to have been granted access to both of these.
How do I invite people to my Multi-User organization?
1. In your Multi-User account, select your username in the top right corner and go to your organization's settings.
2. Select Members.
3. Enter the email address of the member you want to invite to your organization, select the role you'd like to assign them, and press invite. For a detailed break down of available permissions, see below.
That member will promptly receive an email from Cloudflare inviting them to join your organization.
What permissions does each Multi-User role have?
Note: Apps are not compatible with Multi-User and are not available once Multi-User has been enabled.
There are various permissions that can be chosen, and users can mix and match multiple permissions per user.
|Crypto, Caching, Performance, Page Rules, Customization Administrator|
|All Privileges - Super Administrator|
Does each user in a Multi-User account have their own API key?
Yes. Each user in a Multi-User account has their own API key. You can retrieve your API key by going to the "My Account" page and clicking the "View API key" button.
Can Multi-User accounts use Two-Factor Authentication
Yes. In fact, we encourage it. Two-Factor Authentication can be enabled by going to the "My Account" page and clicking the "Configure" button.
If you would like to enforce that every user enables Two-Factor Authentication, you can require it by turning on 'Enforce Two-Factor Authentication' under the organization's settings. Note that only Super Admins can enable and disable this feature.
Can I continue to use the old interface and API after switching to Multi-User?
No, accounts that are using Multi-User lose the ability to go back to the old version of the interface, and will no longer be able to use the old API. You can find the new API here.