[ZT] App Library (#24034)

maxvp · marciocloudflare · thomasgauvin · commit 1ab2f9207d44 · 2025-08-15T16:52:35.000-04:00
Co-authored-by: marciocloudflare &lt;83226960+marciocloudflare@users.noreply.github.com&gt;
diff --git a/src/content/docs/cloudflare-one/applications/app-library.mdx b/src/content/docs/cloudflare-one/applications/app-library.mdx
@@ -0,0 +1,55 @@
+---
+pcx_content_type: how-to
+title: Application Library
+sidebar:
+  order: 4
+---
+
+import { Render, GlossaryTooltip } from "~/components";
+
+The Application Library allows users to manage their SaaS applications in Cloudflare Zero Trust by consolidating views across all relevant products: [Gateway](/cloudflare-one/policies/gateway/), [Access](/cloudflare-one/policies/access/), and [Cloud Access Security Broker (CASB)](/cloudflare-one/applications/casb/). The App Library provides visibility and control for available applications, as well as the ability to view categorized hostnames and manage configuration for Access for SaaS and Gateway policies. For example, you can use the App Library to review how Gateway uses specific hostnames to match against application traffic.
+
+To access the App Library in [Zero Trust](https://one.dash.cloudflare.com/), go to **My team** > **App Library**. Each application card will list the number of hostnames associated with the application, the supported Zero Trust product usage, and the [app type](/cloudflare-one/policies/gateway/application-app-types/#app-types).
+
+## View application details
+
+Select an application card to view details about the application.
+
+### Overview
+
+The **Overview** tab shows details about an application, including:
+
+- Name
+- Shadow IT [review status](/cloudflare-one/insights/analytics/shadow-it-discovery/#approval-status)
+- Number of hostnames
+- [App type](/cloudflare-one/policies/gateway/application-app-types/#app-types)
+- Supported Zero Trust applications
+- Application ID for use with the API and Terraform
+
+### Findings
+
+The **Findings** tab shows any connected [CASB integrations](/cloudflare-one/applications/casb/#manage-casb-integrations) for the selected application, as well as instances of any detected [posture findings](/cloudflare-one/applications/casb/manage-findings/#posture-findings) and [content findings](/cloudflare-one/applications/casb/manage-findings/#content-findings) for each integration.
+
+### Policies
+
+The **Policies** tab shows any [Gateway](/cloudflare-one/policies/gateway/) and [Access for SaaS](/cloudflare-one/applications/configure-apps/saas-apps/) policies related to the selected application.
+
+### Usage
+
+The **Usage** tab shows any logs for [Gateway traffic requests](/cloudflare-one/insights/logs/gateway-logs/), [Access authentication events](/cloudflare-one/insights/logs/audit-logs/#authentication-logs), and [Shadow IT Discovery user sessions](/cloudflare-one/insights/analytics/shadow-it-discovery/) sent to the selected application. This section requires logs to be turned on for each feature.
+
+The Shadow IT Discovery dashboard will provide more details for discovered applications. To access Shadow IT Discovery in [Zero Trust](https://one.dash.cloudflare.com/), go to **Analytics**, then select **Shadow IT Discovery**.
+
+## Review applications
+
+To organize applications into their approval status for your organization, you can mark them as **Unreviewed** (default), **In review**, **Approved**, and **Unapproved**. The App Library synchronizes application review statuses with [approval statuses](/cloudflare-one/insights/analytics/shadow-it-discovery/#approval-status) from Shadow IT Discovery.
+
+<Render file="approval-status-block" />
+
+To set the status of an application:
+
+1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **My team** > **App Library**.
+2. Locate the card for the application.
+3. In the three-dot menu, select the option to mark your desired status.
+
+Once you mark the status of an application, its badge will change. You can filter applications by their status to review each application in the list for your organization.
diff --git a/src/content/docs/cloudflare-one/insights/analytics/shadow-it-discovery.mdx b/src/content/docs/cloudflare-one/insights/analytics/shadow-it-discovery.mdx
@@ -5,6 +5,8 @@ sidebar:
   order: 5
 ---
 
+import { Render } from "~/components";
+
 Shadow IT Discovery provides visibility into the SaaS applications and private network origins your users are visiting. This information allows you to create identity and device-driven Zero Trust policies to secure your users and data.
 
 To view Shadow IT Discovery in [Zero Trust](https://one.dash.cloudflare.com), go to **Analytics**, then select **Shadow IT Discovery**.
@@ -88,9 +90,7 @@ The origin's status will now be updated across charts and visualizations on the
 
 Within Shadow IT Discovery, applications are labeled according to their status. The default status for a discovered application is **Unreviewed**. Your organization can determine the status of each application and change their status at any time.
 
-:::note
-Approval status does not impact a user's ability to access the application. Users are allowed or blocked according to your Access and Gateway policies.
-:::
+<Render file="approval-status-block" />
 
 | Status     | Description                                                                                            |
 | ---------- | ------------------------------------------------------------------------------------------------------ |
diff --git a/src/content/partials/cloudflare-one/approval-status-block.mdx b/src/content/partials/cloudflare-one/approval-status-block.mdx
@@ -0,0 +1,7 @@
+---
+{}
+---
+
+:::note
+Approval status does not impact a user's ability to access the application. Users are allowed or blocked according to your Access and Gateway policies.
+:::
diff --git a/src/content/partials/cloudflare-one/casb/manage-integrations.mdx b/src/content/partials/cloudflare-one/casb/manage-integrations.mdx
@@ -23,10 +23,11 @@ Once CASB detects at least one finding, you can [view and manage your findings](
 ### Pause an integration
 
 1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**.
-2. Find the integration you would like to pause and select **Manage**.
-3. To stop scanning the application, turn off **Scan findings**.
+2. Find the integration you would like to pause and select **Configure**.
+3. To stop scanning the application, turn off **Scan for findings**.
+4. Select **Save integration**.
 
-You can resume CASB scanning at any time by turning on **Scan findings**.
+You can resume CASB scanning at any time by turning on **Scan for findings**.
 
 ### Delete an integration
 
@@ -35,5 +36,7 @@ When you delete an integration, all keys and OAuth data will be deleted. This me
 :::
 
 1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**.
-2. Find the integration you would like to delete and select **Manage**.
-3. Select **Delete**.
+2. Find the integration you would like to delete and select **Configure**.
+3. Select **Disenroll**.
+
+To resume scanning the integration for findings, you will need to [add the integration](#add-an-integration) again.

-Original file line number
+Diff line change
@@ @@ -0,0 +1,7 @@ @@
 +---
 +{}
 +---
++
 +:::note
 +Approval status does not impact a user's ability to access the application. Users are allowed or blocked according to your Access and Gateway policies.
 +:::