private app notifications

ranbel · ranbel · commit b5ad0dbe6d7c · 2025-03-10T14:36:39.000-04:00
diff --git a/src/content/docs/cloudflare-one/applications/non-http/self-hosted-private-app.mdx b/src/content/docs/cloudflare-one/applications/non-http/self-hosted-private-app.mdx
@@ -18,7 +18,6 @@ This feature replaces the legacy [private network app type](/cloudflare-one/appl
 
 - Private IPs and hostnames are reachable over Cloudflare WARP, Magic WAN or Browser Isolation. For more details, refer to [Connect a private network](/cloudflare-one/connections/connect-networks/private-net/).
 - Private hostnames route to your custom DNS resolver through [Local Domain Fallback](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/local-domains/) or [Gateway resolver policies](/cloudflare-one/policies/gateway/resolver-policies/).
-- [Gateway TLS decryption](/cloudflare-one/policies/gateway/http-policies/tls-decryption/) must be enabled if you would like to present a login page in the browser and issue an authorization JWT to your origin. Otherwise, users will receive a pop-up notification from the WARP client and all session management will be handled in the WARP client.
 
 ## Add your application to Access
 
@@ -71,6 +70,17 @@ This feature replaces the legacy [private network app type](/cloudflare-one/appl
 
 Users can now connect to your private application after authenticating with Cloudflare Access.
 
+## Login page
+
+### Browser notification
+
+To prompt users to login in the browser, [Gateway TLS decryption](/cloudflare-one/policies/gateway/http-policies/tls-decryption/) must be enabled. When the user connects to your private hostname or IP, Access will open your [login page](/cloudflare-one/applications/login-page/) and issue an authorization JWT to your origin.
+
+### System notification
+If you do not turn on [Gateway TLS decryption](/cloudflare-one/policies/gateway/http-policies/tls-decryption/), users will receive a pop-up notification from the WARP client and all session management will be handled in the WARP client.
+
+<Render file="gateway/client-notifications-os" product="cloudflare-one" />
+
 ## Modify order of precedence in Gateway
 
 By default, Cloudflare will evaluate a private application's Access policies after evaluating all Gateway network policies. To evaluate Access private applications before or after specific Gateway policies, create the following [Gateway network policy](/cloudflare-one/policies/gateway/network-policies/):
diff --git a/src/content/partials/cloudflare-one/gateway/client-notifications.mdx b/src/content/partials/cloudflare-one/gateway/client-notifications.mdx
@@ -25,4 +25,4 @@ Turn on **Display block notification for WARP client** to display notifications
 
 Upon selecting the notification, WARP will direct your users to a block page. Optionally, you can direct users to a custom URL, such as an internal support form.
 
-<Render file="gateway/client-notifications-OS" product="cloudflare-one" />
+<Render file="gateway/client-notifications-os" product="cloudflare-one" />

Original file line number	Diff line number	Diff line change
`@@ -25,4 +25,4 @@ Turn on Display block notification for WARP client to display notifications`
`25`	`25`
`26`	`26`	`Upon selecting the notification, WARP will direct your users to a block page. Optionally, you can direct users to a custom URL, such as an internal support form.`
`27`	`27`
`28`		`-<Render file="gateway/client-notifications-OS" product="cloudflare-one" />`
	`28`	`+<Render file="gateway/client-notifications-os" product="cloudflare-one" />`