[CF1] IA revamp: Reusable components (#26037)

* new folder

* move posture checks

* custom pages

* update links

* tags

* fix image link

* fix image link

* fix links

Author: ranbel

public/__redirects

@@ -2387,6 +2387,8 @@
 /cloudflare-one/identity/users/session-management/ /cloudflare-one/team-and-resources/users/session-management/ 301
 /cloudflare-one/identity/users/seat-management/ /cloudflare-one/team-and-resources/users/seat-management/ 301
 /cloudflare-one/identity/users/scim/ /cloudflare-one/team-and-resources/users/scim/ 301
+/cloudflare-one/applications/login-page/ /cloudflare-one/reusable-components/custom-pages/access-login-page/ 301
+/cloudflare-one/applications/block-page/ /cloudflare-one/reusable-components/custom-pages/access-block-page/ 301
 /cloudflare-one/connections/connect-devices/* /cloudflare-one/team-and-resources/devices/:splat 301
 /cloudflare-one/connections/connect-networks/* /cloudflare-one/networks/connectors/cloudflare-tunnel/:splat 301
 /cloudflare-one/policies/gateway/* /cloudflare-one/traffic-policies/:splat 301
@@ -2398,6 +2400,7 @@
 /cloudflare-one/identity/devices/service-providers/* /cloudflare-one/integrations/service-providers/:splat 301
 /cloudflare-one/applications/configure-apps/* /cloudflare-one/access-controls/applications/http-apps/:splat 301
 /cloudflare-one/applications/non-http/* /cloudflare-one/access-controls/applications/non-http/:splat 301
+/cloudflare-one/identity/devices/* /cloudflare-one/reusable-components/posture-checks/:splat 301
 
 # Learning paths
 

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/enforce-mtls.mdx

@@ -24,7 +24,7 @@ However, if you want to update the Minimum TLS settings for all wildcard hostnam
 
 ## Enable mTLS
 
-Once you have [added a custom hostname](/cloudflare-for-platforms/cloudflare-for-saas/start/getting-started/), you can enable mTLS by using Cloudflare Access. Go to [Cloudflare Zero Trust](https://one.dash.cloudflare.com/) and [add mTLS authentication](/cloudflare-one/identity/devices/access-integrations/mutual-tls-authentication/) with a few clicks.
+Once you have [added a custom hostname](/cloudflare-for-platforms/cloudflare-for-saas/start/getting-started/), you can enable mTLS by using Cloudflare Access. Go to [Cloudflare Zero Trust](https://one.dash.cloudflare.com/) and [add mTLS authentication](/cloudflare-one/reusable-components/posture-checks/access-integrations/mutual-tls-authentication/) with a few clicks.
 
 :::note
 Currently, you cannot add mTLS policies for custom hostnames using [API Shield](/api-shield/security/mtls/).

src/content/docs/cloudflare-one/access-controls/applications/http-apps/mcp-servers/mcp-portals.mdx

@@ -107,7 +107,7 @@ Cloudflare Access automatically creates an Access application for each MCP serve
 3. To configure identity providers for the portal:
    1. Select the **Login methods** tab.
    2. Select the [identity providers](/cloudflare-one/integrations/identity-providers/) that you want to enable for your application.
-   3. (Recommended) If you plan to only allow access via a single identity provider, turn on **Instant Auth**. End users will not be shown the [Cloudflare Access login page](/cloudflare-one/applications/login-page/). Instead, Cloudflare will redirect users directly to your SSO login event.
+   3. (Recommended) If you plan to only allow access via a single identity provider, turn on **Instant Auth**. End users will not be shown the [Cloudflare Access login page](/cloudflare-one/reusable-components/custom-pages/access-login-page/). Instead, Cloudflare will redirect users directly to your SSO login event.
 4. To customize the block page:
    1. Select the **Experience settings** tab.
    2. <Render file="access/access-block-page" product="cloudflare-one" />

src/content/docs/cloudflare-one/access-controls/applications/non-http/self-hosted-private-app.mdx

@@ -40,7 +40,7 @@ This feature replaces the legacy [private network app type](/cloudflare-one/acce
 8.  Configure how users will authenticate:
 
         1. Select the [**Identity providers**](/cloudflare-one/integrations/identity-providers/) you want to enable for your application.
-        2. (Recommended) If you plan to only allow access via a single IdP, turn on **Instant Auth**. End users will not be shown the [Cloudflare Access login page](/cloudflare-one/applications/login-page/). Instead, Cloudflare will redirect users directly to your SSO login event.
+        2. (Recommended) If you plan to only allow access via a single IdP, turn on **Instant Auth**. End users will not be shown the [Cloudflare Access login page](/cloudflare-one/reusable-components/custom-pages/access-login-page/). Instead, Cloudflare will redirect users directly to your SSO login event.
         3. (Recommended) Turn on **WARP authentication identity** to allow users to authenticate to the application using their [WARP session identity](/cloudflare-one/team-and-resources/devices/warp/configure-warp/warp-sessions/). We recommend turning this on if your application is not in the browser and cannot handle a `302` redirect.
 
 9.  Select **Next**.

src/content/docs/cloudflare-one/access-controls/policies/index.mdx

@@ -152,7 +152,7 @@ Non-identity attributes are polled continuously, meaning they are-evaluated with
 | Identity provider group  | Checks the user groups configured with your identity provider (IdP). This selector only displays if you use Microsoft Entra ID, GitHub, Google, Okta, or an IdP that provisions groups with [SCIM](/cloudflare-one/team-and-resources/users/scim/). | ✅               | ❌                               | ✅                       |
 | SAML Group               | Checks a SAML attribute name / value pair. This selector only displays if you use a [generic SAML](/cloudflare-one/integrations/identity-providers/generic-saml/) identity provider.                                                             | ✅               | ❌                               | ✅                       |
 | OIDC Claim               | Checks an OIDC claim name / value pair. This selector only displays if you use a [generic OIDC](/cloudflare-one/integrations/identity-providers/generic-oidc/) identity provider.                                                                | ✅               | ❌                               | ✅                       |
-| Device posture           | Checks [device posture signals](/cloudflare-one/identity/devices/) from the WARP client or a third-party service provider.                                                                                                                | ✅               | ✅                               | ❌                       |
+| Device posture           | Checks [device posture signals](/cloudflare-one/reusable-components/posture-checks/) from the WARP client or a third-party service provider.                                                                                                                | ✅               | ✅                               | ❌                       |
 | Warp                     | Checks that the device is connected to WARP, including the consumer version.                                                                                                                                                              | ✅               | ✅                               | ❌                       |
 | Gateway                  | Checks that the device is connected to your Zero Trust instance through the [WARP client](/cloudflare-one/team-and-resources/devices/warp/).                                                                                             | ✅               | ✅                               | ❌                       |
 

src/content/docs/cloudflare-one/api-terraform/index.mdx

@@ -2,7 +2,7 @@
 pcx_content_type: navigation
 title: API and Terraform
 sidebar:
-  order: 11
+  order: 15
 ---
 
 import { DirectoryListing, Render } from "~/components";

src/content/docs/cloudflare-one/applications/app-launcher.mdx

@@ -8,7 +8,3 @@ sidebar:
 import { Render } from "~/components";
 
 <Render file="access/app-launcher" product="cloudflare-one" />
-
-## Tags
-
-<Render file="access/tags" product="cloudflare-one" />

src/content/docs/cloudflare-one/data-loss-prevention/dlp-policies/common-policies.mdx

@@ -41,7 +41,7 @@ You can configure access on a per-user or group basis by adding [identity-based
 
 Many Android applications (such as Google Drive) use <GlossaryTooltip term="certificate pinning" link="/ssl/reference/certificate-pinning/">certificate pinning</GlossaryTooltip>, which is incompatible with Gateway inspection. If needed, you can create a [Do Not Inspect policy](/cloudflare-one/traffic-policies/http-policies/#do-not-inspect) so that the app can continue to function on Android:
 
-1. Set up an [OS version device posture check](/cloudflare-one/identity/devices/warp-client-checks/os-version/) that checks for the Android operating system.
+1. Set up an [OS version device posture check](/cloudflare-one/reusable-components/posture-checks/warp-client-checks/os-version/) that checks for the Android operating system.
 
 2. Create the following HTTP policy in Gateway:
 

src/content/docs/cloudflare-one/faq/policies-faq.mdx

@@ -59,7 +59,7 @@ If the domain is only blocked by a network policy, it may be because:
 
 ## When does Access return a Forbidden status page versus a login page?
 
-Access returns a Forbidden page with status codes `401`/`403` when it determines there is no way a user can pass a [policy](/cloudflare-one/access-controls/policies/). If Cloudflare can make a full policy determination that a user will not be able to log in, Access will return a Forbidden page instead of a [login page](/cloudflare-one/applications/login-page/).
+Access returns a Forbidden page with status codes `401`/`403` when it determines there is no way a user can pass a [policy](/cloudflare-one/access-controls/policies/). If Cloudflare can make a full policy determination that a user will not be able to log in, Access will return a Forbidden page instead of a [login page](/cloudflare-one/reusable-components/custom-pages/access-login-page/).
 
 For example, your application has a policy that requires a user to be in a [specific geolocation](/cloudflare-one/access-controls/policies/#allow) to log in.