Cloudflare OAuth 2.0 Refresh Token Demo

❌ Not authenticated

Flow

1. /login → Start OAuth Authorization Code + PKCE flow 2. /tokens → View stored access + refresh tokens 3. /test-api → Call Cloudflare API with current access token 4. /test-api-auto → Auto-refresh if expired, then call API

Manual actions

How it works

  1. Click /login — redirects to Cloudflare authorization page
  2. Authorize the app — Cloudflare redirects back to /callback with a code
  3. Worker exchanges the code for access_token + refresh_token
  4. Tokens are stored in KV
  5. Click /test-api to call the Cloudflare API
  6. Click Force refresh to get a new access token via grant_type=refresh_token