You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* Clarify provider and customer in different accounts and detail steps
* Process changes from PM review
* Adjust field validation warning to be consistent with updated prereq
* Apply suggestion from code review
Co-authored-by: Jun Lee <[email protected]>
---------
Co-authored-by: Jun Lee <[email protected]>
Copy file name to clipboardExpand all lines: src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/security/secure-with-access.mdx
+12-5Lines changed: 12 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -13,11 +13,18 @@ Cloudflare Access provides visibility and control over who has access to your [c
13
13
14
14
## Prerequisites
15
15
16
-
* A custom hostname in a Standard, Apex Proxy or BYOIP configuration. For setup instructions, refer to [Configuring Cloudflare for SaaS](/cloudflare-for-platforms/cloudflare-for-saas/start/getting-started/).
17
-
* A Cloudflare Zero Trust plan in the same Cloudflare account as your custom hostname. Learn more about [getting started with Zero Trust](/cloudflare-one/setup/).
16
+
* You must have an active custom hostname. For setup instructions, refer to [Configuring Cloudflare for SaaS](/cloudflare-for-platforms/cloudflare-for-saas/start/getting-started/).
17
+
* You must have a Cloudflare Zero Trust plan in your SaaS provider account. Learn more about [getting started with Zero Trust](/cloudflare-one/setup/).
18
+
* You can only run Access on custom hostnames if they are managed externally to Cloudflare or in a separate Cloudflare account. If the custom hostname zone is in the same account as the SaaS zone, the Access application will not be applied.
18
19
19
20
## Setup
20
21
21
-
1. In [Zero Trust](https://one.dash.cloudflare.com/), create an Access [self-hosted application](/cloudflare-one/applications/configure-apps/self-hosted-apps/). Access applications can only be configured for custom hostnames owned within the same account. Access applications cannot be configured in the SaaS provider's account at this time.
22
-
2. In the **Domain** field, enter the custom hostname (for example, `mycustomhostname.com`). The custom hostname will not appear in the dropdown and must be manually entered.
23
-
3. Follow the remaining self-hosted application creation steps to publish the application.
22
+
1. At your SaaS provider account, select [Zero Trust](https://one.dash.cloudflare.com).
23
+
2. Go to **Access** > **Applications**.
24
+
3. Select **Add an application** and, for type of application, select **Self-hosted**.
25
+
4. Enter a name for your Access application and, in **Session Duration**, choose how often the user's [application token](/cloudflare-one/identity/authorization-cookie/application-token/) should expire.
26
+
5. In the **Domain** field, insert the custom hostname (for example, `mycustomhostname.com`) and press enter. The custom hostname will not appear in the dropdown and must be manually entered.
27
+
:::caution[Domain field validation]
28
+
Since the custom hostname zone must be managed externally to Cloudflare or in a separate Cloudflare account, it is expected that you find a validation warning `Zone is not associated with the current account`. You can proceed with the configuration despite this message.
29
+
:::
30
+
6. Follow the remaining [self-hosted application creation steps](/cloudflare-one/applications/configure-apps/self-hosted-apps/) to publish the application.
0 commit comments