Skip to main content

Authorization Management

On the authorization management page, you can manage authorization credentials for calling providers' API.

How to get providers' authorization credentials?

Alibaba Cloud

Please refer to the official user manual.

Least privileges:

  • Applying (DNS-01 challenge): AliyunDNSFullAccess.
  • Deploying: AliyunYundunCertFullAccess + full access to the related services or resources.

Tencent Cloud

Please refer to the official user manual.

Least privileges:

  • Applying (DNS-01 challenge): QcloudDNSPodFullAccess.
  • Deploying: QcloudSSLFullAccess + full access to the related services or resources.

Baidu Cloud

Please refer to the official user manual.

Least privileges:

  • Applying (DNS-01 challenge): DNSOperatePolicy.
  • Deploying: CASFullControlPolicy + full access to the related services or resources.

Huawei Cloud

Please refer to the official user manual.

Least privileges:

  • Applying (DNS-01 challenge): DNSFullAccess.
  • Deploying: SCMFullAccess + full access to the related services or resources.

Volc Engine

Please refer to the official user manual.

Least privileges:

  • Applying (DNS-01 challenge): DNSFullAccess.
  • Deploying: SSLFullAccess + full access to the related services or resources.

JD Cloud

Please refer to the official user manual.

Least privileges:

  • Applying (DNS-01 challenge): JDCloudHTTPDNSAdmin.
  • Deploying: JDCloudSSLAdmin + full access to the related services or resources.

AWS

Please refer to the official user manual

Least privileges:

  • Applying (DNS-01 challenge):
    • route53:ListHostedZones
    • route53:ListHostedZonesByName
    • route53:GetHostedZone
    • route53:ListResourceRecordSets
    • route53:ChangeResourceRecordSets
    • route53:GetChange
  • Deploying:
    • acm:ListCertificates
    • acm:GetCertificate
    • acm:ImportCertificate
    • Permissions of the related services or resources.

Azure

Please refer to the official user manual

Least privileges:

  • Applying (DNS-01 challenge):
    • Microsoft.Network/dnsZones/read
    • Microsoft.Network/dnsZones/TXT/*
  • Deploying:
    • Microsoft.KeyVault/vaults/certificates/read
    • Microsoft.KeyVault/vaults/certificates/write
    • Permissions of the related services or resources.

Cloudflare

Please refer to the following process to obtain:

  1. Log in to the Cloudflare console.
  2. Click on the account avatar, then click on "My Profile" -> "API Tokens" -> "Create Token", and select to use the "Edit zone DNS" template.
  3. Add Zone.DNS.Edit permission, fill in your domain names, then click the "Continue" button.