Cloudflare tunnel, API access to the internal application
So I have this internal app with a UI, that people can access with cloudflare HTTP tunnel, and use their email to login.
We need to allow API requests against this internal app, so I created a Zero trust > Access > "Service Auth" token. I put the headers given by Cloudflare in postman, and test the request, but hit the cloudflare "Sign in ・ Cloudflare Access" HTML page.
After re-reading the documentation, I find out that in Zero trust > Access > Applications, I need to add another policy to my Application:
- one for the user emails with SSO login, action "allow", ending with @myorg.com (the default, for users.)
- one for the API, I select the action "Service Auth", and include a rule to allow any Access service token. (the new one I added)
I still cannot do a postman query and hit "Sign in ・ Cloudflare Access" HTML page. Any idea what am I missing? What I could be doing wrong?
1 Reply
Did you ever find a solution to this challenge, @François ? I'm trying to do the same, failing still. I hoped that having two policies would validate one or the other. But I haven't found a way to do so.