BaseDeck

Cloudflare D1 Setup

How to create a Cloudflare D1 API token for BaseDeck.

Create a Cloudflare API token with D1 access, optionally copy the account and database IDs, then paste everything into BaseDeck.

Download BaseDeck Create User Token Create Account Token

4-step flow

Create the token once, then keep it in Keychain inside BaseDeck.

The API token is required. The accountId and databaseId fields are optional and only needed when you want BaseDeck to pin one account or one specific D1 database.

1

Choose user token or account token

In the Cloudflare dashboard, open My Profile -> API Tokens for a user token, or Manage Account -> Account API Tokens for an account-owned token. Account-owned tokens are usually the better fit for long-lived shared setups.

2

Create a custom D1 token

The direct links on this page open Cloudflare's token builder with a D1 edit token prefilled for BaseDeck. If you create the token manually, scope it to the target account and grant D1 Read for browsing or D1 Edit for full BaseDeck support including approved write SQL.

3

Copy IDs only when you need to pin them

If you leave accountId and databaseId empty, BaseDeck will discover the accessible accounts and D1 databases automatically. Fill them only when you want one fixed account or one fixed D1 database.

4

Paste it into BaseDeck

In the Cloudflare D1 connection form, paste the API token, optionally add the account and database IDs, then click Test Connection before saving.

Direct Link Note

Cloudflare still documents template URLs, but the generic create-token page is the fallback.

Cloudflare's official template URL docs still document permissionGroupKeys query parameters for prefilled token creation flows. If your dashboard opens without the D1 permission preselected, use the generic token creation page and choose the D1 permission manually.

Cloudflare references: API token template URLs and Create API token

Permission note

Read-only browsing and write SQL do not need the same D1 token scope.

Browsing schemas and running read queries only needs D1 read access. Write SQL in BaseDeck still requires your approval in the app, and the Cloudflare token must also include D1 write access.

Cloudflare references: API token permissions and account-owned tokens

Optional IDs

Need the account ID? Cloudflare exposes it in Account Home and Workers & Pages.

If you want to pin the connection to one account, copy the Account ID from Cloudflare Account Home or from the Workers & Pages overview. The Database ID is available on the target D1 database page.

Cloudflare reference: Find account and zone IDs

Next step

Paste the token into BaseDeck and verify the database list loads.

Once the token is ready, create the Cloudflare D1 connection in BaseDeck and confirm that the explorer can list your databases or the pinned database you selected.

Download BaseDeck Browse all guides