Profiles and connections

Profiles are the credential boundary of the product. Configure them carefully and validate them once.

Applies to: Windows, macOS, Linux
Covers: Profiles, Security

How profile validation works, which inputs are required, how multiple profiles are managed, and what security controls apply to connection handling.

  • Required and optional profile fields
  • Multiple profile behavior
  • Validation behavior
  • HTTPS enforcement
  • Session-token and endpoint-override support

Required profile fields

Every connection profile requires:

  • Profile name
  • Account ID
  • Access Key ID
  • Secret Access Key

Optional fields:

  • Temporary session token
  • Endpoint override
  • Public base URL
  • Cloudflare Zone ID
  • CDN domain
  • Cloudflare API token for cache purge

Multiple profile management

R2 Desk Pro is built to handle more than one environment cleanly.

Use multiple profiles when you need to separate:

  • production and staging
  • different Cloudflare accounts
  • short-lived session-token access and long-lived credentials
  • custom endpoint behavior for a specific environment

Profile switching is meant to be operational, not fragile.

How validation works

When you save a profile, the backend validates credentials by attempting an R2 bucket listing call.

That means:

  • Save succeeds when the credential can authenticate and list buckets.
  • Save fails when the credential is valid but does not have permission to list buckets.
  • The app does not bypass validation to save a half-working profile.

This is deliberate. It prevents support tickets caused by profiles that were accepted even though basic access was missing.

Endpoint behavior

By default the app derives the endpoint automatically from the Account ID. You do not normally type the R2 API endpoint.

https://<ACCOUNT_ID>.r2.cloudflarestorage.com

All request signing stays in the Tauri backend. The frontend never talks directly to R2.

Endpoint override support

Use endpoint override only when you intentionally need a non-default R2 endpoint path.

Expected behavior:

  • the override remains attached to that profile only
  • validation still happens before the profile is trusted
  • backend signing and execution rules remain unchanged

If an endpoint override causes validation failure, treat that as configuration drift first.

Temporary session token support

If your R2 access path uses temporary credentials, store the session token in the profile along with the access key pair.

This keeps short-lived access in the same desktop workflow while preserving:

  • OS keychain secret storage
  • vault-gated operational access
  • backend-only request execution

HTTPS-only fields

The app rejects insecure URLs during profile save.

These fields must use https://:

  • Public base URL
  • CDN domain

Invalid examples:

  • http://assets.example.com
  • assets.example.com

Valid example:

  • https://assets.example.com

Cache purge configuration

Cache purge is optional. Do not configure it unless you actually need it.

For purge actions to work, the profile needs:

  • Cloudflare Zone ID
  • Cloudflare API token with cache purge permission
  • A public URL mapping that resolves selected objects to public URLs

If those values are missing, purge actions are unavailable. That is configuration, not an application defect.

Profile switching

You can store multiple profiles and switch the active one at any time.

When switching profiles:

  • Buckets refresh under the newly active credential.
  • Public URL behavior changes to match the selected profile.
  • Cache purge configuration changes with the active profile.
  • Endpoint override and session-token behavior changes with the active profile.

Delete behavior

Deleting a profile is a credential operation, not simple UI cleanup.

Current behavior:

  • The keychain entry is removed.
  • Profile metadata is removed from local storage.
  • Transfers and sync work tied to that profile are cancelled before the profile is removed.

Common validation failures

Access denied on save

Meaning: the credential authenticated, but the backend was not allowed to list buckets.

Fix:

  • Add bucket-list permission to the credential policy.
  • Confirm the keys belong to the intended Cloudflare account.

Generic service error on save

Check:

  • Account ID format
  • Correct key pair
  • Temporary network or TLS interception issues
  • Antivirus or endpoint security products blocking local runtime behavior

Public URL rejected

The field is not optional once populated. If you type a value, it must be a valid HTTPS URL.
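
An offline pre-check for the rules on this page (required fields, HTTPS-only fields, default endpoint derivation), as an added example that is not R2 Desk Pro's own code. The dictionary keys and sample values are assumptions; the app's real validation is still the bucket listing call the backend makes on save.

```python
from urllib.parse import urlsplit

# Key names are hypothetical; the page lists fields by display label only.
REQUIRED = ("profile_name", "account_id", "access_key_id", "secret_access_key")
HTTPS_ONLY = ("public_base_url", "cdn_domain")

# Constructed sample: both optional URL fields use the page's invalid examples.
SAMPLE_PROFILE = {
    "profile_name": "staging",
    "account_id": "0123456789abcdef0123456789abcdef",
    "access_key_id": "EXAMPLE_KEY_ID",
    "secret_access_key": "EXAMPLE_SECRET",
    "public_base_url": "http://assets.example.com",
    "cdn_domain": "assets.example.com",
}


def https_error(value):
    """Return None for an acceptable https:// URL, otherwise the reason."""
    if any(ch.isspace() for ch in value):
        return "contains whitespace"
    try:
        parts = urlsplit(value)
        host = parts.hostname
    except ValueError:
        return "not a parseable URL"
    if parts.scheme != "https":
        return "scheme must be https://"
    if not host:
        return "URL has no host"
    return None


def preflight(profile):
    """Offline checks only. Returns (findings, default_endpoint_or_None)."""
    findings = [f"{k}: required" for k in REQUIRED
                if not str(profile.get(k) or "").strip()]
    for key in HTTPS_ONLY:
        value = str(profile.get(key) or "").strip()
        if value:  # optional while empty, must be valid once populated
            reason = https_error(value)
            if reason:
                findings.append(f"{key}: {reason}")
    account = str(profile.get("account_id") or "").strip()
    endpoint = f"https://{account}.r2.cloudflarestorage.com" if account else None
    return findings, endpoint


if __name__ == "__main__":
    print(preflight(SAMPLE_PROFILE))
```

An empty findings list means only that the profile is well-formed; it says nothing about whether the credential can list buckets.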