Workers, WAF, DDoS, R2, and Pages telemetry. Edge auth + rate-limit policies surface in the Nova policy view.
Once connected, Cloudflare telemetry flows into Nova's observability stack: signals join the service map, alerts route through Nova's correlation engine, and incidents tie back to the underlying Cloudflare resources for root-cause analysis.
Two paths depending on your setup:
OAuth (recommended). Click connect in the Nova admin UI, sign in with your Cloudflare account, scope down to read-only, done. Token rotation is handled automatically.
API key. For Cloudflare accounts that don't support OAuth or for service-account workflows. Generate the key in Cloudflare, paste it into Nova's integrations settings, and Nova validates the connection.
Read-only by default: events, metrics, logs, audit data. We do not modify your Cloudflare configuration without explicit approval through Nova's policy envelope. Write actions (when enabled) go through the agent fleet with a full audit trail.