You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/cloudflare-one/applications/non-http/self-hosted-private-app.mdx
+22-22Lines changed: 22 additions & 22 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -22,35 +22,35 @@ This feature replaces the legacy [private network app type](/cloudflare-one/appl
22
22
23
23
## Add your application to Access
24
24
25
-
1.In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**.
25
+
1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**.
26
26
27
-
2.Select **Add an application**.
27
+
2. Select **Add an application**.
28
28
29
-
3.Select **Self-hosted**.
29
+
3. Select **Self-hosted**.
30
30
31
-
4.Enter any name for the application.
31
+
4. Enter any name for the application.
32
32
33
-
5.In **Session Duration**, choose how often the user's [application token](/cloudflare-one/identity/authorization-cookie/application-token/) should expire.
33
+
5. In **Session Duration**, choose how often the user's [application token](/cloudflare-one/identity/authorization-cookie/application-token/) should expire.
34
34
35
-
Cloudflare checks every HTTPS request to your application for a valid application token. If the user's application token (and global token) has expired, they will be prompted to reauthenticate with the IdP. For more information, refer to [Session management](/cloudflare-one/identity/users/session-management/). If the application is non-HTTPS or you do not have TLS decryption turned on, the session is tracked by the WARP client per application.
35
+
Cloudflare checks every HTTPS request to your application for a valid application token. If the user's application token (and global token) has expired, they will be prompted to reauthenticate with the IdP. For more information, refer to [Session management](/cloudflare-one/identity/users/session-management/). If the application is non-HTTPS or you do not have TLS decryption turned on, the session is tracked by the WARP client per application.
36
36
37
-
6.Add the private IP and/or private hostname that represents the application. You can use [wildcards](/cloudflare-one/policies/access/app-paths/) with private hostnames to protect multiple parts of an application that share a root path.
37
+
6. Add the private IP and/or private hostname that represents the application. You can use [wildcards](/cloudflare-one/policies/access/app-paths/) with private hostnames to protect multiple parts of an application that share a root path.
38
38
39
-
:::note
40
-
Private hostnames are currently only available over port `443` over HTTPS and the application must have a valid Server Name Indicator (SNI).
41
-
:::
39
+
:::note
40
+
Private hostnames are currently only available over port `443` over HTTPS and the application must have a valid Server Name Indicator (SNI).
41
+
:::
42
42
43
-
7.Add [Access policies](/cloudflare-one/policies/access/) to control who can connect to your application. All Access applications are deny by default -- a user must match an Allow policy before they are granted access.
43
+
7. Add [Access policies](/cloudflare-one/policies/access/) to control who can connect to your application. All Access applications are deny by default -- a user must match an Allow policy before they are granted access.
44
44
45
-
8.Configure how users will authenticate:
45
+
8. Configure how users will authenticate:
46
46
47
-
1. Select the [**Identity providers**](/cloudflare-one/identity/idp-integration/) you want to enable for your application.
47
+
1. Select the [**Identity providers**](/cloudflare-one/identity/idp-integration/) you want to enable for your application.
48
48
49
-
2. (Recommended) If you plan to only allow access via a single IdP, turn on **Instant Auth**. End users will not be shown the [Cloudflare Access login page](/cloudflare-one/applications/login-page/). Instead, Cloudflare will redirect users directly to your SSO login event.
49
+
2. (Recommended) If you plan to only allow access via a single IdP, turn on **Instant Auth**. End users will not be shown the [Cloudflare Access login page](/cloudflare-one/applications/login-page/). Instead, Cloudflare will redirect users directly to your SSO login event.
50
50
51
-
3. (Recommended) Turn on **WARP authentication identity** to allow users to authenticate to the application using their [WARP session identity](/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-sessions/). We recommend turning this on if your application is not in the browser and cannot handle a `302` redirect.
51
+
3. (Recommended) Turn on **WARP authentication identity** to allow users to authenticate to the application using their [WARP session identity](/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-sessions/). We recommend turning this on if your application is not in the browser and cannot handle a `302` redirect.
52
52
53
-
9.Select **Next**.
53
+
9. Select **Next**.
54
54
55
55
10. (Optional) Configure [App Launcher settings](/cloudflare-one/applications/app-launcher/) for the application.
56
56
@@ -60,12 +60,12 @@ This feature replaces the legacy [private network app type](/cloudflare-one/appl
60
60
61
61
13. (Optional) Configure advanced settings. These settings only apply to private hostnames and require Gateway TLS decryption.
-[Browser rendering for SSH and VNC](/cloudflare-one/applications/non-http/browser-rendering/)
68
-
-**401 Response for Service Auth policies**: Return a `401` response code when a user (or machine) makes a request to the application without the correct [service token](/cloudflare-one/identity/service-tokens/).
-[Browser rendering for SSH and VNC](/cloudflare-one/applications/non-http/browser-rendering/)
68
+
-**401 Response for Service Auth policies**: Return a `401` response code when a user (or machine) makes a request to the application without the correct [service token](/cloudflare-one/identity/service-tokens/).
0 commit comments