CDN integrations

Overview

CDN Integrations is a control plane for the three major edge providers. Connect a CDN account once and WebGPT can list every zone or property under it, apply settings in bulk across dozens or hundreds of domains, and stream traffic + AI-crawler data into the brand-scoped Technical Health surface on AI Visibility. The page is structured as a tab per provider; each tab handles account-level connections for its CDN.

Cloudflare

The Cloudflare tab is the most feature-rich of the three because it shipped first and accumulated the full WAF + SSL + bulk-operations + analytics surface. Two inner sub-tabs: Accounts (default) and Analytics.

Connecting Cloudflare

Authenticate with either a scoped API token (recommended) or a full-access API key.

1. Open the Cloudflare tab and click Connect.
2. Choose an authentication method:
   • API Token (recommended) — Scoped permissions. Create in Cloudflare → My Profile → API Tokens → Create Token.
   • API Key — Full account access. Find in Cloudflare → My Profile → API Tokens → Global API Key.
3. Enter the Cloudflare email, the key/token, and a friendly account name (e.g., "Main Cloudflare" or "Client Sites").
4. Click Save. Credentials are validated with a live API call, and all zones in the account are synced automatically.

WAF rules

Create, edit, and delete custom WAF rules for any zone. Rules use Cloudflare's expression syntax (e.g., block requests from specific countries, challenge suspicious user agents, allow known bots). Expressions are validated before they're applied, catching syntax errors early.

SSL/TLS mode

Cloudflare's four SSL/TLS modes:

• Off — No encryption (not recommended).
• Flexible — Encrypts visitor-to-Cloudflare, but not Cloudflare-to-origin.
• Full — End-to-end encryption without origin certificate validation.
• Full (Strict) — End-to-end with origin certificate validation. Recommended when the origin has a valid certificate.

Bulk operations

Apply the same WAF rule or SSL mode across dozens or hundreds of zones in a single pass. Select the target domains, define the change, and the background job system processes every zone, tracks per-domain success or failure, and returns a results summary at the end.

Analytics sub-tab

Cloudflare traffic and security data, sourced directly from Cloudflare's analytics — a complementary view to Google Analytics.

• KPI cards — Active domains, unique visitors, average visitors per domain, average visitors per day.
• Trend chart — Visitors over time, with an optional toggle to overlay total requests.
• Top domains — Horizontal bar chart ranking zones by visitors or total requests.
• Category breakdown — Per-category table aggregating active domains, unique visitors, averages, and total requests.

Akamai

The Akamai tab covers account-level connection and credential management. Once connected, Akamai analytics flow into the brand-scoped Technical Health dashboard on AI Visibility — the WAF/SSL/bulk-operations surface that Cloudflare exposes here isn't replicated in this tab (use Akamai's own Control Center for those changes).

Connecting Akamai

1. Open the Akamai tab and click Connect.
2. Enter your Akamai API credentials. Akamai uses EdgeGrid authentication — you'll need the client token, client secret, access token, and host from an API client provisioned in Akamai Control Center → Identity & Access → API Clients.
3. Save. Credentials are validated with a live API call.

Fastly

The Fastly tab covers account-level connection and credential management, mirroring the Akamai tab. Fastly analytics flow into the AI Visibility Technical Health dashboard.

Connecting Fastly

1. Open the Fastly tab and click Connect.
2. Enter a Fastly API token from Fastly account → Account → API tokens. Choose a token scoped to read-only on services unless you need write access.
3. Save. The token is validated against the Fastly API.

How CDN data reaches the Technical Health dashboard

Each connected CDN runs background sync jobs that pull traffic, request, and AI crawler data. The aggregated data is keyed by brand domain and surfaces in the Technical Health tab on AI Visibility — per-domain AI bot access matrix, crawler request volumes, and (when available) reasons crawlers were blocked. Connect at least one CDN that fronts the brand's domains to populate that dashboard.

Troubleshooting

• Cloudflare invalid credentials — Verify the email and key/token combination. Global API keys require clicking "View" and entering the password in the Cloudflare dashboard before copying.
• Cloudflare missing zones — The zone must be active in Cloudflare (not paused or deleted). Try re-syncing the account.
• Cloudflare WAF rule errors — Expression syntax issues are highlighted before applying. If a rule still fails, check for zone-specific conflicts.
• Cloudflare API token permissions — For full functionality, the token needs Zone:Read, Firewall:Write, SSL:Write, and Analytics:Read permissions.
• Akamai authentication — EdgeGrid requires all four fields (client token, client secret, access token, host). Missing or mismatched fields produce a 401.
• Fastly token scope — Read-only tokens are sufficient for analytics ingestion. Service-write tokens are only needed if you plan to add zone-management features in the future.
• Bulk operation failures — Individual domain failures during Cloudflare bulk jobs usually reflect zone-specific issues (e.g., a zone in a pending state). Details are in the job results summary.