Description
Account API tokens are now available and I think we should switch to them.
Iirc we're currently using User API tokens. These are tied to the user that created them. If the user leaves the account, they are automatically revoked. The user that created them is also the only user that can manage the token (i.e. to roll it or delete it).
Account API tokens are tied to the account itself, regardless of who created it.
To quote the Cloudflare dash:
Account API Tokens
Create API tokens for service authentication and bucket access that are tied to the entire account. These remain active even when you leave the organization, making them ideal for production systems. (recommended)
User API Tokens
Create API tokens for service authentication and bucket access specific to your user account. These become inactive if you leave the organization, making them ideal for personal access or development work.
cc @nodejs/build since someone with access will need to generate the new token