How not to add the identity provider to my applications under zero trust?
Hi folks,
I have one external identity provider configured, but for one specific application I don't want to include this provider as the login method, and I want it to be public to some countries, hence I use the country rule to do that.
But no matter how I configured it, my application always have the identity provider page as the login page.
2 Replies
I'm guessing your country policy action is set to Allow?
The different access policy actions do different things
https://developers.cloudflare.com/cloudflare-one/policies/access/#actions
Allow = Go through Identity Provider, then check rules
Bypass = Go back to normal zone/website security, skip access, no jwt
Service Auth = Auth through Access without identity, works with things verifying the access jwt like tunnels
Many thanks! I haven't taken a careful look at the docs, never thought Allow implies an IdP validation!