Use a pre-existing Access group.
List examples
The request will need to present the headers for any service token created for this account.
Allow access based on the "amr" identifier.
Allow members of an Azure Group. The ID is the group UUID (id) in Azure.
The request will need to present a valid certificate with an expected common name.
Allow a specific country.
Allow an entire email domain.
Allow a specific email address.
Allow anyone to log in.
Allow members of a specific GitHub organization.
Allow members of a specific G Suite group.
You can use the Cloudflare Access API to create policies, including individual rule blocks inside of group or policy bodies. For example, this policy allows all Cloudflare email account users to reach the application with the exception of one account:
Allow an IP range.
The request will need to present a valid certificate.
Allow members of an Okta Group.
Allow users with specific SAML attributes.
The request will need to present the correct service token headers.
Block users in a group from accessing a site.
Block specific users from accessing a site.
You can use the Cloudflare Gateway API to create DNS, network, and HTTP policies, including policies with multiple traffic, identity, and device posture conditions.
Override one hostname with another.
import { ListExamples } from "~/components";
<ListExamples directory="cloudflare-one"/>