From 2e2efa3ea3d1eca06f180d457e6e6bb944a5f8ee Mon Sep 17 00:00:00 2001
From: Harold Martin <harold.martin@gmail.com>
Date: Sun, 3 Nov 2024 17:41:39 -0800
Subject: [PATCH] clarify user API token in README

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 97ef9ec..f327e8a 100644
--- a/README.md
+++ b/README.md
@@ -36,7 +36,7 @@ jobs:
 
 ## Authentication
 
-You'll need to configure Wrangler using GitHub's Secrets feature - go to "Settings -> Secrets" and add your Cloudflare API token (for help finding this, see the [Workers documentation](https://developers.cloudflare.com/workers/wrangler/ci-cd/#api-token)). Your API token is encrypted by GitHub, and the action won't print it into logs, so it should be safe!
+You'll need to configure Wrangler using [GitHub's Secrets](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions). feature - go to "Settings -> Secrets" and add your Cloudflare API token (for help finding this, see the [Workers documentation](https://developers.cloudflare.com/workers/wrangler/ci-cd/#api-token)). Note that this must be a [user token](https://dash.cloudflare.com/profile/api-tokens) not an account token. Your API token is encrypted by GitHub, and the action won't print it into logs, so it should be safe!
 
 With your API token set as a secret for your repository, pass it to the action in the `with` block of your workflow. Below, I've set the secret name to `CLOUDFLARE_API_TOKEN`: