Cloudflare launched self-managed OAuth for all
7 hours ago
- #Cloudflare
- #OAuth
- #API Security
- Cloudflare has launched self-managed OAuth, allowing all customers to create and manage their own OAuth clients for delegated API access.
- Previously, third-party OAuth was limited to manually onboarded integrations, forcing developers to rely on less manageable API tokens.
- The upgrade involved migrating from an older version of Hydra (open-source OAuth engine) to a newer version via a blue-green strategy to minimize user impact.
- Key improvements included enhanced consent experiences, revocation capabilities in the dashboard, and security measures against OAuth phishing attacks.
- During the upgrade, Cloudflare implemented a queue system (using Cloudflare Queues) to handle revocation events and avoid data loss during migration.
- Post-upgrade metrics show significant performance improvements: API P95 latency reduced by 45%, CPU usage down 37%, and memory usage decreased.
- This upgrade enables easier building of SaaS integrations, internal developer platforms, and agentic tools with better user control and security.