I didn’t love Cloudflare’s documentation, so here’s a (very) quick guide to using Service Auth on Cloudflare Access. This guide assumes you’ve gone through and set up Cloudflare Zero Trust and have an existing application.
Create a Token
- Head to your dashboard
- Expand Access > Service Auth
- Create a service token by clicking the create service token button and save the generated headers and values in a safe place
Add a Policy
- Expand Access > Applications
- Click Edit on the application you want to use the service token for
- Add a new policy
- You can’t add a service token to a policy that has users
- Give your policy a name, under action select service auth
- Add an include rule
- Select Service Token and add the token you created above
- Save your new policy
In your request header be sure to include
CF-Access-Client-Secret as headers.