Use Wrangler auth profiles to stop switching Cloudflare logins by hand

Cloudflare changelog preview image.Cloudflare
Cloudflare changelog preview image.Cloudflare
Tools & Apps

Cloudflare added Wrangler auth profiles, letting Workers developers bind named OAuth logins to project directories and switch Cloudflare accounts automatically.

Cloudflare has confirmed Wrangler auth profiles, a CLI feature for developers who move between multiple Cloudflare accounts. The practical benefit is narrower, project-scoped login behavior: a directory can use the right named OAuth profile automatically instead of forcing repeated wrangler login switching.

Cloudflare changelog preview
Source image from Cloudflare Docs.

What changed

On July 2, 2026, Cloudflare announced that Wrangler supports auth profiles. A profile is a named OAuth login bound to a directory, and Wrangler uses the matching account when commands run in that directory or its subdirectories.

Cloudflare’s Wrangler docs now list Authentication profiles as part of the CLI documentation surface. The Workers SDK release notes also show related auth-profile and keyring work, including named profile commands and optional OS keychain storage for OAuth credentials.

Why this is early

This is an official Cloudflare changelog item, not a community workaround. It is early in the sense that teams with many accounts will need to update local setup docs, CI guidance, and developer onboarding before the feature becomes a normal habit.

The GitHub release feed is useful corroboration because Wrangler ships through the Cloudflare Workers SDK. Treat release-note snippets as implementation context, then follow the Cloudflare docs for current command syntax and supported platforms.

Key takeaways

  • Wrangler auth profiles let developers keep separate Cloudflare account logins and switch by project directory.
  • The feature targets local developer friction, especially agencies, consultants, multi-tenant teams, and engineers with personal plus company accounts.
  • Cloudflare still documents Wrangler as the main CLI for building, testing, and deploying Workers projects.
  • Related Workers SDK release notes mention named auth commands and optional keychain-backed credential storage.
  • Teams should update onboarding docs so developers do not keep reusing one broad account login everywhere.
SetupBest fitWhat improvesWhat to check
One global Wrangler loginSolo projectsSimple setupEasy to point commands at the wrong account
Named auth profilesMultiple accounts or clientsDirectory-based account switchingProfile naming and onboarding docs
API tokens in CIAutomated deploysNon-interactive buildsToken scope, rotation, and secret storage
Keychain-backed OAuth storageLocal machinesBetter credential-at-rest handlingOS support and team install prerequisites

Availability and access

Cloudflare says Wrangler auth profiles are available now. The feature is relevant to local CLI use, not only production deployments, so teams can test it without changing Worker code.

Before rolling it out to a team, confirm the Wrangler version that includes the commands you need. Also decide where API tokens remain better, especially for CI/CD, headless servers, and deployment systems that should not depend on a human OAuth session.

Practical LinkLoot angle

This is a small CLI feature with a real operational payoff. If you deploy Workers for several clients or run separate staging, production, and personal accounts, auth profiles reduce a common class of mistakes: sending a deploy, secret, or route update to the wrong Cloudflare account.

Pair the change with a repo-level setup note. Put the expected profile name, account scope, and CI token path near the project’s deploy instructions. LinkLoot’s AI workflow automation guide is a useful companion when agents or scripts operate against cloud accounts and need explicit account boundaries.

What to verify before you act

  • Check your installed Wrangler version and upgrade path before documenting the command sequence.
  • Confirm how profiles bind to directories and how nested repositories behave.
  • Decide whether local OAuth profiles, CI API tokens, or both should be allowed for each project.
  • Review keychain support on macOS, Linux, and Windows before requiring encrypted local credential storage.
  • Test a harmless command against each profile before running deploys, secret writes, or route changes.

Source check

Confirmed by: Cloudflare’s July 2, 2026 changelog confirms Wrangler auth profiles and describes directory-scoped account switching.

Context and implementation signals: Cloudflare’s Wrangler docs list Authentication profiles in the CLI documentation. The Cloudflare Workers SDK release feed shows related Wrangler auth commands and credential-storage changes, but the changelog remains the primary source for the feature announcement.

FAQ

They are named OAuth logins for the Cloudflare Wrangler CLI that can be scoped to project directories.