Cloudflare opens self-managed OAuth to all developers
Tags OSS · Enterprise
Cloudflare launched self-managed OAuth for all customers, enabling developers to create and manage their own OAuth clients for delegated API access. Previously, third-party OAuth was limited to a small number of manually onboarded partners. The platform upgrade involved a zero-downtime migration of Cloudflare's underlying OAuth engine from Hydra 1.x to 2.x, using a blue-green deployment strategy. The move supports growing demand from agentic tools that require scoped, revocable access to Cloudflare APIs without relying on API tokens.
Technical significance
Self-managed OAuth is a prerequisite for platform ecosystems to scale beyond curated partner programs. For Cloudflare, this enables a new class of SaaS integrations and agentic tooling that requires delegated access. The technical approach to zero-downtime OAuth engine migration is relevant for any organization running identity infrastructure at scale.