Temporary Cloudflare Accounts for AI Agents

Cloudflare: let's give the bots their own accounts so they can scrape harder.

Also Cloudflare: let's send normal humans who are trying to go about their daily lives into endless Turnstile spinner loops with absolutely zero recourse, grievance, or support infrastructure.

Looks like Cloudflare still haven't shipped the most valuable possible feature for Cloudflare Workers though: hard billing caps.

I want to set a cap of $100/month and know, for sure, that if something untoward happens my apps will all stop serving traffic rather than me getting hit with a bill for $1000s.

The safest way to use Workers is on the free tier, which will shut off after 100,000 requests/day: https://developers.cloudflare.com/workers/platform/pricing/#...

Hot damn...

> Any agent can now run wrangler deploy --temporary and deploy a Worker to Cloudflare. This temporary deployment stays live for 60 minutes, during which time you can claim the temporary account, making it permanently your own. If you don't, it expires on its own.

Forget about agents, Cloudflare just provided free scratch deployments - ephemeral for 60 minutes - for anyone.

This is going to be amazing for things like PR previews and code review. Being able to deploy a preview to a working URL for free is a huge reduction in friction.

I hope it doesn't get abused so much that they turn it off again.

Would love to know more about how Cloudflare plans to prevent abuse of ephemeral infrastructure to host malicious content. From elsewhere in their documentation, “Cloudflare limits how quickly you can create temporary preview accounts. If the Wrangler CLI cannot create an account because too many temporary preview accounts were requested too quickly, wait before retrying or authenticate the CLI with a permanent Cloudflare account,” and “Cloudflare applies additional abuse prevention checks to temporary preview accounts.”[1] This is a bit vague though. Creating a new account has never been a huge hurdle to overcome but this seems to reduce the barrier to entry even more.

[1] https://developers.cloudflare.com/workers/platform/claim-dep...

> Make snail-game in Cloudflare Worker in TypeScript and deploy it using wrangler, don't ask me questions, do the best you can

https://snail-game.solstice-barometer.workers.dev/

pretty cool.

If eastdakota/jgc are here.

- simply expose containers to the world directly - without having to go via workers.

- You have other amazing parts of the stack anyway (D1, durable objects, a great object store). These aren't considered "lockin".

- workers is "lockin" - not similar enough to lambda/cloud functions and so becomes CF specific.

Not having a simple container based compute piece has made me hesitate in taking up CF. (Fly or firebase won out)

Lets keep in mind this is cloudflare workers runtime - it only makes sense to deploy small things there, maybe static sites. Unless the agent creates something for cf workers from scratch, asking it to „now deploy to cloudflare” will fail so bad.

This would only work if they would provision docker image deployment, similar to google cloud run, but the still, everything serveless has its own caveats…

This falls Within my predictions of how the AI playing field is become more leveled, in terms with human digital activity. Soon it wouldn't be so what you can do with the computer but what the agent can do BETTER. We are already there for the most part. These are the early steps of full re-genitive self hosting, fully capable AI the is far more advanced then asking it to solve a 2 + 2 question.

The article worded it perfectly; friction-less "efforts"

I know no one is writing copy anymore but i wish they tried to edit it a bit so it wasn’t so glaringly obvious. It just sours the product when it seems like so little effort was put into the message. And it’s not even hard - just change the prompt used!

Wouldn't it make more sense to merge the temporary account into an existing one, instead of claiming it as a new account?

This could lead to people having a large amount of separate accounts.

Correct me if I'm wrong, but does Cloudflare still not have a "Create Account" button on the account listing page? I think you still have to sign up from scratch doing plus-code email tricks, then invite your original email address as an admin, juggling multiple accounts. They should consider fixing that first.

I’m going to need a wrapper for all these services offering this service.

Cloudflare: let's give the bots their own accounts so they can scrape harder.

Also Cloudflare: let's send normal humans who are trying to go about their daily lives into endless Turnstile spinner loops with absolutely zero recourse, grievance, or support infrastructure.

I had similar thoughts: "let's convince everyone to outsource the decision on who can access their websites to us, because BOTS BOTS BOTS" and "let's make life easier for bots to do things".

First you spread the disease, then you sell the cure.

I'm sure they don't want humans to have that experience - the issue is that the human behavior looks very bot-like. This is usually only experienced by people whose setup is peculiar

But think of the shareholders

It's a clean way to charge AI to read content too.

Looks like Cloudflare still haven't shipped the most valuable possible feature for Cloudflare Workers though: hard billing caps.

I want to set a cap of $100/month and know, for sure, that if something untoward happens my apps will all stop serving traffic rather than me getting hit with a bill for $1000s.

The safest way to use Workers is on the free tier, which will shut off after 100,000 requests/day: https://developers.cloudflare.com/workers/platform/pricing/#...

Not that it helps, but I think this is only a problem if you’re paying by credit card.

If your company is on an enterprise plan, at least for us all of the limits are pre-negotiated and prepaid, and you aren’t billed for overages (although if you consistently overage, sales will start badgering you to negotiate a limit increase, but my experience is you can simply ignore their demands and they eventually go away)

It does drive me crazy that their enterprise tier “caps” bandwidth. Our company overaged on one of our domains, so we moved the domain out of our enterprise license onto a self-serve plan, and like magic, back to unlimited bandwidth.

Yeah, especially with agents this seems necessary.

Never going to happen at such a platform.

They prefer waiving the occasional DDoS / misconfiguration over giving their customers to cause outages with something so trivially forgotten about and so disconnected from the tech and actual platform.

I had similar thoughts: "let's convince everyone to outsource the decision on who can access their websites to us, because BOTS BOTS BOTS" and "let's make life easier for bots to do things".

First you spread the disease, then you sell the cure.

I think this is more of a “keep friends close but enemies closer” type thing.

> Make snail-game in Cloudflare Worker in TypeScript and deploy it using wrangler, don't ask me questions, do the best you can

https://snail-game.solstice-barometer.workers.dev/

pretty cool.

The article worded it perfectly; friction-less "efforts"

Hot damn...

Forget about agents, Cloudflare just provided free scratch deployments - ephemeral for 60 minutes - for anyone.

This is going to be amazing for things like PR previews and code review. Being able to deploy a preview to a working URL for free is a huge reduction in friction.

I hope it doesn't get abused so much that they turn it off again.

I just tried this out:

  % npx wrangler deploy --temporary
  
    wrangler 4.103.0
  ────────────────────
   You must accept Cloudflare's Terms of Service (https://www.cloudflare.com/terms/) and Privacy Policy (https://www.cloudflare.com/privacypolicy/) in order to continue. By typing "yes", you agree to these terms. Type "yes" to continue. … yes
  Solving proof-of-work challenge…
  Temporary account ready:
   Account: Educated Celery (created)
   Claim within: 60 minutes
   Claim URL: https://dash.cloudflare.com/claim-preview?claimToken=CAVe7LzWiGad-redacted
  Total Upload: 13.79 KiB / gzip: 4.12 KiB
  Uploaded cloudflare-redirect-resolver (2.27 sec)
  Deployed cloudflare-redirect-resolver triggers (0.50 sec)
    https://cloudflare-redirect-resolver.educated-celery.workers.dev
  Current Version ID: 5c12da7f-2749-4ccc-a8f6-79b85da98d10

I'm amused that it made me accept the terms and conditions without any indication of who I am, but it did work - https://cloudflare-redirect-resolver.educated-celery.workers... will be live for the next 59 minutes.

Wasn’t this case pretty much before?

The limits are 100 workers on free and 500 on paid.

And if need more then you can always go their platform which supports tenancy.

As long as you have a cronjob or similar to clean up the cost of having per PR preview is pretty much zero.

If I want to onboard a client to Cloudflare, I have to ask them to create an account and then invite me, which is a lot of friction for non-technical people.

A “create account” button accessible to me would be so much better. Then, I create the account and invite the client to join as owner.

Cloudflare makes it really hard to spend money. I constantly have to talk to someone in sales to enable some feature after rounds of negotiating on price. I think they would have way more customers, spending much more money, if they just offered transparent pricing, and fully on-demand services.

If eastdakota/jgc are here.

- simply expose containers to the world directly - without having to go via workers.

- You have other amazing parts of the stack anyway (D1, durable objects, a great object store). These aren't considered "lockin".

- workers is "lockin" - not similar enough to lambda/cloud functions and so becomes CF specific.

Not having a simple container based compute piece has made me hesitate in taking up CF. (Fly or firebase won out)

This would only work if they would provision docker image deployment, similar to google cloud run, but the still, everything serveless has its own caveats…

I’m going to need a wrapper for all these services offering this service.

I am here but I retired from being CTO of Cloudflare in March 2025 [1] and the current CTO is Dane Knecht (dknecht here). What advantage does decoupling Cloudflare Containers from Cloudflare Workers have?

[1] https://blog.cloudflare.com/three-chapters-at-cloudflare-pro...

> simply expose containers to the world directly - without having to go via workers.

I run workers and containers and am curious what you mean. Do you have specific use cases in mind outside of the worker invocation model? If so, I'm curious what you'd want to run on Cloudflare. Otherwise, workers don't have to be much of a "lockin" if treated as a thin layer, more like configuration.

> You have other amazing parts of the stack anyway (D1, durable objects, a great object store).

Instead, if you mean accessing these resources from containers, it's a bit clunky [0] but it's there - you should be able to access worker bindings from containers through those outbound handlers.

[0] https://developers.cloudflare.com/containers/platform-detail...

>Not having a simple container based compute piece made me hesitate in taking up CF

Agreed. I wish CF had something like Azure's new fast-starting Express containers.

> Unless the agent creates something for cf workers from scratch

The latest models appear to know CF Workers inside out and are very capable of doing that if you ask them to.

Here's my GPT-5.5 xhigh + Codex Desktop transcript building one just now: https://gist.github.com/simonw/264bd6b8a39fc34c91c9c867454c6... - code here: https://github.com/simonw/cloudflare-redirect-resolver

> it only makes sense to deploy small things there

What makes you say that?

[1] https://developers.cloudflare.com/workers/platform/claim-dep...

Given how little they do now to stop malicious content hosted behind/by Cloudflare, the bare minimum if anything.

> Would love to know more about how Cloudflare plans to prevent abuse of ephemeral infrastructure to host malicious content

If it helps laugh DDoS attacks they would be incentivized to do the exact opposite. They can charge more for “protection” then.

Wouldn't it make more sense to merge the temporary account into an existing one, instead of claiming it as a new account?

This could lead to people having a large amount of separate accounts.

I assumed that's how it works if you sign in before claiming the account?

It says to claim you can either sign up or sign in.

I think this is more of a “keep friends close but enemies closer” type thing.

Never going to happen at such a platform.

I'm sure they don't want humans to have that experience - the issue is that the human behavior looks very bot-like. This is usually only experienced by people whose setup is peculiar

Not that it helps, but I think this is only a problem if you’re paying by credit card.

It's a clean way to charge AI to read content too.

Yeah, especially with agents this seems necessary.

If I want to onboard a client to Cloudflare, I have to ask them to create an account and then invite me, which is a lot of friction for non-technical people.

A “create account” button accessible to me would be so much better. Then, I create the account and invite the client to join as owner.

It's business so they have neither enemies nor friends, just various breeds of cattle to milk.

Sounds more like “let’s make money twice”.

But think of the shareholders

Anyone can be a shareholder.

Wasn’t this case pretty much before?

The limits are 100 workers on free and 500 on paid.

And if need more then you can always go their platform which supports tenancy.

As long as you have a cronjob or similar to clean up the cost of having per PR preview is pretty much zero.

unless you have 500 PR's a day =)

On the other hand, we already use regular CF builds for frontend previews, but that doesnt solve a fullstack PR preview much

I just tried this out:

  % npx wrangler deploy --temporary
  
    wrangler 4.103.0
  ────────────────────
   You must accept Cloudflare's Terms of Service (https://www.cloudflare.com/terms/) and Privacy Policy (https://www.cloudflare.com/privacypolicy/) in order to continue. By typing "yes", you agree to these terms. Type "yes" to continue. … yes
  Solving proof-of-work challenge…
  Temporary account ready:
   Account: Educated Celery (created)
   Claim within: 60 minutes
   Claim URL: https://dash.cloudflare.com/claim-preview?claimToken=CAVe7LzWiGad-redacted
  Total Upload: 13.79 KiB / gzip: 4.12 KiB
  Uploaded cloudflare-redirect-resolver (2.27 sec)
  Deployed cloudflare-redirect-resolver triggers (0.50 sec)
    https://cloudflare-redirect-resolver.educated-celery.workers.dev
  Current Version ID: 5c12da7f-2749-4ccc-a8f6-79b85da98d10

> I'm amused that it made me accept the terms and conditions without any indication of who I am

as far as i’m aware, that’s fully binding and often an accepted practise - take Minecraft’s server software, where you must accept the EULA with a text flag before running

You might want to claim the link or remove it

> Would love to know more about how Cloudflare plans to prevent abuse of ephemeral infrastructure to host malicious content

If it helps laugh DDoS attacks they would be incentivized to do the exact opposite. They can charge more for “protection” then.

Given how little they do now to stop malicious content hosted behind/by Cloudflare, the bare minimum if anything.

I assumed that's how it works if you sign in before claiming the account?

It says to claim you can either sign up or sign in.

>Not having a simple container based compute piece made me hesitate in taking up CF

Agreed. I wish CF had something like Azure's new fast-starting Express containers.

unless you have 500 PR's a day =)

On the other hand, we already use regular CF builds for frontend previews, but that doesnt solve a fullstack PR preview much

> I'm amused that it made me accept the terms and conditions without any indication of who I am

as far as i’m aware, that’s fully binding and often an accepted practise - take Minecraft’s server software, where you must accept the EULA with a text flag before running

It's business so they have neither enemies nor friends, just various breeds of cattle to milk.

Sounds more like “let’s make money twice”.

> simply expose containers to the world directly - without having to go via workers.

> You have other amazing parts of the stack anyway (D1, durable objects, a great object store).

Instead, if you mean accessing these resources from containers, it's a bit clunky [0] but it's there - you should be able to access worker bindings from containers through those outbound handlers.

[0] https://developers.cloudflare.com/containers/platform-detail...

Not the OP, but for me it's a simple matter of not wanting to use typescript and the whole swamp on fire that is NPM.

[1] https://blog.cloudflare.com/three-chapters-at-cloudflare-pro...

quick piece of feedback, the workers architecture is a little bit annoying when converting from Lambda but hooking up to cloudflare MCP solves 90% of the issues

> Unless the agent creates something for cf workers from scratch

The latest models appear to know CF Workers inside out and are very capable of doing that if you ask them to.

I didnt say LLMs dont know cf workers, I meant that the cf workers runtime is kind of unique and you cannot push there any code without making it cf workers ready in the first place. If you know what youre doing it should be one time step to connect your hono app to cf workers (so not a huge effort) but still its not like tou can run anything there

> it only makes sense to deploy small things there

What makes you say that?

I’m running entire leadjobs.dev on cloudflare workers and its kind of unreliable for the traffic it gets - around 100 visitors/day. There are some weird errors in d1 from time to time which i cannot debug since its all black box. Also latencies are greater than I would expect, especially, again for d1. Overall its great value for money to get a globally available, low latency service - but I would think twice before going all in. As a sidenote, I expected that, thus the architecture of the service is build in a way that it abstracts the cf runtime and I can switch to any other infra, be it dedicated or another cloud, in a matter of a day

Anyone can be a shareholder.

Said the rich swe, fully oblivious of many who struggle to feed their own children.

You might want to claim the link or remove it

I redacted it, but if anyone still has at and wants to steal my demo app they're welcome to it.

Not the OP, but for me it's a simple matter of not wanting to use typescript and the whole swamp on fire that is NPM.

I redacted it, but if anyone still has at and wants to steal my demo app they're welcome to it.

I'll let you in on a sort of dirty secret:

It's almost always better to use Durable Objects storage, rather than D1. Even if you only want a single global database, it's better to implement that as a singleton Durable Object, than by using D1. Because that's all D1 itself actually is: a singleton Durable Object that exposes an API to its SQLite database. It's just a wrapper.

With raw Durable Objects, you get to bring your code to run on the same machine as the database itself. Your queries run on a local file, synchronously, rather than going over a network. There is essentially zero latency when using sqlite storage in a Durable Object.

If your app does no more than one DB query per request, then D1 is fine: the Worker runs near the end user, and talks over the long-haul network to D1 just once. Whereas with Durable Objects, your Worker would talk over the long-haul network to the Durable Object. No difference.

But if your app ever does two or more queries in series for a single request, then Durable Objects becomes vastly better, because you get to move that query-chaining code to happen directly where the database lives, rather than have multiple round trips.

Really, though, the only reason D1 exists is for comfort. Once you know how to use Durable Objects, there's no reason to use D1. We offer D1 because a lot of people don't want to learn a new model. (Which is fair. People are busy and may have better things to do.)

One caveat: D1's read replica support still isn't exposed in a way that you can use it in raw Durable Objects, so if you are using that, it's a legitimate advantage to D1. But we do plan to bring this functionality to raw Durable Objects at some point.

Said the rich swe, fully oblivious of many who struggle to feed their own children.

I thought there were no rich swes anymore?

That's unnecessarily presumptuous.

Cloudflare is in the S&P500. If you have a 401k diversified in broad market indexes then most likely… you are a shareholder.

quick piece of feedback, the workers architecture is a little bit annoying when converting from Lambda but hooking up to cloudflare MCP solves 90% of the issues

there's absolutely nothing positive we want to encourage copying from AWS's architectural approach to anything.

I'll let you in on a sort of dirty secret:

That's unnecessarily presumptuous.

I thought there were no rich swes anymore?

there's absolutely nothing positive we want to encourage copying from AWS's architectural approach to anything.

Cloudflare is in the S&P500. If you have a 401k diversified in broad market indexes then most likely… you are a shareholder.

About half of US households don’t have any retirement at all. Making their point that “shareholders” are a distinct class separate from the whole of the population.

No, Cloudflare does not meet the criteria for inclusion in the S&P 500.

About half of US households don’t have any retirement at all. Making their point that “shareholders” are a distinct class separate from the whole of the population.

and sitll the US seems to be one of the biggest markets educated on "being a shareholder" im sure Europe has smaller percentage of them.

This sounds like Elon’s IPO…I give you 0.000000000009% of my company for your whole savings account. Now have a part of the pie!

> About half of US households don’t have any retirement at all.

...and the top 10% by wealth own 90% of the stock market.

So even among the half that do have retirement savings in 401ks and the like it is on average very little compared to how much the truly wealthy have invested.

2026-06-19

4 min read

Everyone's writing code with AI agents today. But the moment an agent needs to deploy something — and needs to sign up and create an account — it slams face-first into a wall built for humans: a browser-based OAuth flow, a dashboard to click through, an API token to copy-paste, a multi-factor authentication prompt to satisfy. For an interactive copilot sitting next to a developer, that's annoying. For a background agent, it's a hard stop.

Today we're rolling out Temporary Cloudflare Accounts for Agents.

Agents can now deploy websites, APIs, and agents right away, without first needing to sign up for an account.

Any agent can now run wrangler deploy --temporary and deploy a Worker to Cloudflare. This temporary deployment stays live for 60 minutes, during which time you can claim the temporary account, making it permanently your own. If you don't, it expires on its own.

Our goal? Let your agent code and ship.

Why frictionless deployments matter for AI agents

Frictionless temporary accounts matter more than it might first seem:

Background AI sessions have no human in the loop, and are becoming the norm. Any auth step that needs a browser, a copy-paste, or "click here in 60 seconds" means an agent gets stuck and may choose to deploy elsewhere.
Trial-and-error is the agent's superpower. Agents need a tight write → deploy → verify loop. They need cheap, throwaway deployment targets, so they can curl their own output and decide whether they got it right.
Agent platforms are building their own ways for deploying code to "just work" without extra steps or credentials. People are starting to expect that this process just works, without the need to sign up for other services that they've not used before or heard of.

How it works

Temporary accounts are built around Wrangler, our Developer Platform command-line interface (CLI) tool that lets developers bootstrap new projects, manage their configurations and resources, and deploy and update them.

Wrangler usage is widely documented online and agents know how to use it very well. But if you hadn’t yet signed in and granted Wrangler permission to your Cloudflare account, when the agent tried to deploy, it would get stuck at the sign-up and authentication step. And you might rightly ask: How do agents and LLMs know that this new --temporary flag in Wrangler exists, so that they actually use it without a human explicitly telling them to do so?

To solve this, we updated Wrangler to prompt the agent with a message that tells it about the --temporary flag:

When the agent discovers this, and then runs **wrangler deploy** again with the --temporary flag, Cloudflare provisions a temporary account for the agent to use, gives Wrangler an API token to work with, and provides a claim URL that the agent can give back to the human.

Let’s go over every step of the flow

Deploying and iterating on a new project

Make sure you’re using the latest Wrangler release, fire up your favorite coding agent, and write a prompt to deploy a "hello world" app in build mode:

Make a very simple hello world Cloudflare Worker in TypeScript and deploy it using wrangler, don't ask me questions, do the best you can

The agent will run wrangler, pick up the --temporary flag from the output messages, build your script, and deploy it instantly, no human in the loop required:

As you can see, the agent wrote the script, deployed it using the --temporary flag, curled the preview link it got from the output, and verified that the result matches the code.

This is great, but agentic coding is often not about one single deployment. A session can go through a cycle of multiple code changes. This is not a problem: the agent can iterate on the Worker script and redeploy the changes as many times as it wants (within the 60-minute claim window). Type this prompt:

Now change hello world to "hello cloudflare" and redeploy

Look at the agent changing the source code, reusing the previously created temporary account, redeploying a new version and rechecking the result:

Claiming the account

At any point, you can claim the temporary account and make it yours permanently. When you click the claim link you will be taken to a page where you can either sign up for or sign in to Cloudflare, and then claim the temporary account that your Worker was deployed to. This includes claiming not just Workers, but resources like databases and other bindings, too.

If you do not claim these temporary accounts within 60 minutes, they will be automatically deleted.

The road to frictionless agentic deployments

This is just one way we’re eliminating the signup barrier for agents. We recently announced a partnership with Stripe and a new protocol we co-designed that lets agents provision Cloudflare on behalf of their users — creating an account, starting a subscription, registering a domain, and getting an API token to deploy code, with no copy-pasting tokens or entering credit card details. Last month, we collaborated with WorkOS on the launch of auth.md, which anyone can adopt, to let agents provision new accounts using well-established, existing OAuth standards.

There’s a ton going on in this space, and we’re excited to keep making it easier for agents to use Cloudflare, and for developers to make their own apps agent-ready. Temporary accounts are one more step toward frictionless agentic deployments — stay tuned for more.

Temporary accounts have some limitations, and their capabilities may change over time; check the developer documentation for more information and then go build something. Point your agent at Cloudflare, see how far it gets, and tell us what we can improve or what delights you — share what you’ve built on X or hop into the Cloudflare Community.

Agents Wrangler AI Cloudflare Workers