---
name: Cloudflare and OVH KMS Access
description: How to access Cloudflare API and OVH KMS secrets for infrastructure management
type: reference
originSessionId: 7a5d7140-8724-47d5-b862-13e66e2c0212
---

## Cloudflare API

- Global Key: [redacted] (headers: X-Auth-Key + X-Auth-Email: meni@biton.pro)
- Provisioner Token: [redacted] (header: Authorization: Bearer)
- Account ID: a182e69b048ebabb970ffd4e91cc741b
- Zone yohay.ai: 729e5afe1753f82f06c3416dc2e1aca0
- Tunnel 5060ihome: 117e8f06-753f-4ef7-8d58-b065a74a3ba0
- Access App *.yohay.ai: 46458e7d-dfb5-4f40-9c6b-9e1498e00bf2

## OVH KMS (CERT-STOR)

- KMS ID: 17212333-c57e-481e-a3d2-07d3ff1a192c
- Endpoint: https://eu-west-gra.okms.ovh.net
- Client cert+key on meni-office0-0001: ~/Downloads/d05a39c2-99c1-4f6f-8780-c7e32e683a53_{certificate,privatekey}.pem
- Secrets: cloudflare/global-api-key, cloudflare/provisioner-token, google/oauth, tailscale/api-key

## Google OAuth (for Cloudflare Access)

- Client ID: 768647841000-qhb3qc8j3kdiain55k1gsn96clltvhki.apps.googleusercontent.com
- Client Secret: [redacted]
- IDP ID in CF Access: 6ce8a0ab-b3fd-4174-9d8b-87eacd2e2e97

## Tailscale

- Auth key (from KMS): [redacted]