From 6265858af9adda9274da68639899fae6510d1b9a Mon Sep 17 00:00:00 2001 From: Ranbel Sun Date: Mon, 17 Mar 2025 17:48:53 -0400 Subject: [PATCH 1/9] QR code enrollment --- .../warp/deployment/manual-deployment.mdx | 55 ++++++++++++++++++- 1 file changed, 53 insertions(+), 2 deletions(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx index acad403fad61eb..64fdcb07ec4ddb 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx @@ -15,13 +15,13 @@ If you plan to direct your users to manually download and configure the WARP cli ## Windows, macOS, and Linux -### Enroll via the GUI +### Enroll using the GUI The device is now protected by your organization's Zero Trust policies. -### Enroll via the CLI +### Enroll using the CLI To enroll your device using the terminal: @@ -74,10 +74,61 @@ The device is now protected by your organization's Zero Trust policies. For more ## iOS, Android, and ChromeOS +### Enroll manually + The device is now protected by your organization's Zero Trust policies. +### Enroll using a QR code + +
+ +| System | Availability | Minimum WARP version | +| -------- | ------------ | -------------------- | +| Windows | ❌ | | +| macOS | ❌ | | +| Linux | ❌ | | +| iOS | ✅ | 1.5 | +| Android | ✅ | | +| ChromeOS | ✅ | | + +
+ +Administrators can provide users with a custom login link or QR code that automatically fills in your organization's team name during device enrollment. Using a QR code reduces the potential for error that comes with manual entry of the team name. + +#### Generate a QR code + +To generate a device enrollment QR code: + +1. Copy the following link, replacing `your_team_name` with your Zero Trust team name: + ```txt + cf1app://oneapp.cloudflare.com/team?name=your_team_name + ``` +2. Use any QR code generator to embed the link in a QR code. +3. Distribute the QR code to users. + +#### Use the QR code + +To enroll a device using the QR code: + +1. [Download](/cloudflare-one/connections/connect-devices/warp/download-warp/) and install the Cloudflare One Agent app. +2. Scan the QR code provided by your administrator. Alternatively, go to the login link that is embedded in the QR code. + + The Cloudflare One Agent app will open and start the onboarding flow. +3. Review the privacy policy and select **Accept**. +4. On the **Enter team name** screen, confirm that the pre-populated team name matches your organization. + + :::note[`Already Authenticated` error] + If Cloudflare One Agent is already logged in using another team name, you must first log out of that account. Go to **Settings** > **Account** to log out, and then retry the QR code or login link. + ::: +6. Complete the authentication steps required by your organization. +7. After authenticating, select **Install VPN Profile**. +8. In the **Connection request** popup window, select **OK**. +9. If you did not enable [auto-connect](https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-settings/#auto-connect), manually turn on the switch to **Connected**. + +The device is now protected by your organization's Zero Trust policies. + ## Virtual machines By default, virtual machines (VMs) are subject to the WARP client settings of the host. If you want to deploy a separate instance of WARP in a VM, you must configure the VM to operate in bridged networking mode. From f62070a90b3615f01c6c6d6c2751b21c9f92fa6d Mon Sep 17 00:00:00 2001 From: ranbel <101146722+ranbel@users.noreply.github.com> Date: Wed, 19 Mar 2025 13:12:12 -0400 Subject: [PATCH 2/9] Update src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx Co-authored-by: hyperlint-ai[bot] <154288675+hyperlint-ai[bot]@users.noreply.github.com> --- .../connect-devices/warp/deployment/manual-deployment.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx index 64fdcb07ec4ddb..3a8245a8206328 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx @@ -125,7 +125,7 @@ To enroll a device using the QR code: 6. Complete the authentication steps required by your organization. 7. After authenticating, select **Install VPN Profile**. 8. In the **Connection request** popup window, select **OK**. -9. If you did not enable [auto-connect](https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-settings/#auto-connect), manually turn on the switch to **Connected**. +9. If you did not enable [auto-connect](/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-settings/#auto-connect), manually turn on the switch to **Connected**. The device is now protected by your organization's Zero Trust policies. From 6a9b0d6a2df4959133a033d5c58bf34997426a37 Mon Sep 17 00:00:00 2001 From: Ranbel Sun Date: Wed, 19 Mar 2025 15:49:23 -0400 Subject: [PATCH 3/9] PM feedback --- .../warp/deployment/manual-deployment.mdx | 52 ++++++++++++------- 1 file changed, 32 insertions(+), 20 deletions(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx index 3a8245a8206328..f2148aeef5e567 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx @@ -80,52 +80,64 @@ The device is now protected by your organization's Zero Trust policies. For more The device is now protected by your organization's Zero Trust policies. -### Enroll using a QR code +### Enroll using a URL
| System | Availability | Minimum WARP version | | -------- | ------------ | -------------------- | -| Windows | ❌ | | +| Windows | ❌ | | | macOS | ❌ | | | Linux | ❌ | | -| iOS | ✅ | 1.5 | -| Android | ✅ | | -| ChromeOS | ✅ | | +| iOS | ✅ | 1.10 | +| Android | ✅ | 2.4 | +| ChromeOS | ✅ | 2.4 |
-Administrators can provide users with a custom login link or QR code that automatically fills in your organization's team name during device enrollment. Using a QR code reduces the potential for error that comes with manual entry of the team name. +Administrators can provide users with a custom login URL that automatically fills in your organization's team name during device enrollment. Using a URL reduces the potential for error that comes with manual entry of the team name. The WARP client supports URLs accessed through a direct link or a QR code. -#### Generate a QR code +#### Generate a login URL -To generate a device enrollment QR code: +To generate a URL for device enrollment: 1. Copy the following link, replacing `your_team_name` with your Zero Trust team name: ```txt cf1app://oneapp.cloudflare.com/team?name=your_team_name ``` -2. Use any QR code generator to embed the link in a QR code. -3. Distribute the QR code to users. +2. (Optional) Use any QR code generator to embed the link in a QR code. +3. Distribute the link or QR code to users. -#### Use the QR code +#### Use the login URL -To enroll a device using the QR code: +To enroll a device using a login URL: 1. [Download](/cloudflare-one/connections/connect-devices/warp/download-warp/) and install the Cloudflare One Agent app. -2. Scan the QR code provided by your administrator. Alternatively, go to the login link that is embedded in the QR code. +2. Go to the [login URL](#generate-a-login-url) provided by your account administrator. Direct links and QR code embedded links are supported. To use a QR code, open the QR scanner app on your device and scan the QR code. The Cloudflare One Agent app will open and start the onboarding flow. -3. Review the privacy policy and select **Accept**. -4. On the **Enter team name** screen, confirm that the pre-populated team name matches your organization. + + :::note + If the device is already enrolled in this account, Cloudflare One agent will bypass onboarding and show the **Connected** switch. + ::: + +3. To complete the onboarding flow: + + a. Review the privacy policy and select **Accept**. + + b. On the **Enter team name** screen, confirm that the pre-populated team name matches your organization. :::note[`Already Authenticated` error] - If Cloudflare One Agent is already logged in using another team name, you must first log out of that account. Go to **Settings** > **Account** to log out, and then retry the QR code or login link. + If Cloudflare One Agent is logged in using another team name, you must first log out of that account. Go to **Settings** > **Account** to log out, and then retry the QR code or login link. ::: -6. Complete the authentication steps required by your organization. -7. After authenticating, select **Install VPN Profile**. -8. In the **Connection request** popup window, select **OK**. -9. If you did not enable [auto-connect](/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-settings/#auto-connect), manually turn on the switch to **Connected**. + + c. Complete the authentication steps required by your organization. + + d. After authenticating, select **Install VPN Profile**. + + e. In the **Connection request** popup window, select **OK**. + +4. If you did not enable [auto-connect](/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-settings/#auto-connect), manually turn on the switch to **Connected**. The device is now protected by your organization's Zero Trust policies. From b4ff3257c871fae8355087260e862d21c93a380b Mon Sep 17 00:00:00 2001 From: Ranbel Sun Date: Wed, 19 Mar 2025 18:18:03 -0400 Subject: [PATCH 4/9] add beta pill --- .../connect-devices/warp/deployment/manual-deployment.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx index f2148aeef5e567..ffb15a2e610ea1 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx @@ -5,7 +5,7 @@ sidebar: order: 2 --- -import { Details, GlossaryTooltip, Render } from "~/components"; +import { Details, GlossaryTooltip, Render, Badge } from "~/components"; If you plan to direct your users to manually download and configure the WARP client, users will need to connect the client to your organization's Cloudflare Zero Trust instance. @@ -80,7 +80,7 @@ The device is now protected by your organization's Zero Trust policies. For more The device is now protected by your organization's Zero Trust policies. -### Enroll using a URL +### Enroll using a URL
From 7293463db8b79851428096c70ed821b454badc37 Mon Sep 17 00:00:00 2001 From: ranbel <101146722+ranbel@users.noreply.github.com> Date: Wed, 26 Mar 2025 13:02:13 -0400 Subject: [PATCH 5/9] Apply suggestions from code review --- .../connect-devices/warp/deployment/manual-deployment.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx index ffb15a2e610ea1..2849c585a12958 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx @@ -95,7 +95,7 @@ The device is now protected by your organization's Zero Trust policies.
-Administrators can provide users with a custom login URL that automatically fills in your organization's team name during device enrollment. Using a URL reduces the potential for error that comes with manual entry of the team name. The WARP client supports URLs accessed through a direct link or a QR code. +Administrators can provide users with a custom login URL that automatically fills in your organization's team name during device enrollment. Using a URL reduces the potential for error that comes with manual entry of the team name. The WARP client supports URLs accessed through a direct link or with a URL handler such as a QR code. #### Generate a login URL From f703e76dd3888b1bb9c829bf7e54ba12f1c934fe Mon Sep 17 00:00:00 2001 From: ranbel <101146722+ranbel@users.noreply.github.com> Date: Wed, 26 Mar 2025 13:02:25 -0400 Subject: [PATCH 6/9] Update src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx --- .../connect-devices/warp/deployment/manual-deployment.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx index 2849c585a12958..69370140b7c7e4 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx @@ -118,7 +118,7 @@ To enroll a device using a login URL: The Cloudflare One Agent app will open and start the onboarding flow. :::note - If the device is already enrolled in this account, Cloudflare One agent will bypass onboarding and show the **Connected** switch. + If the device is already enrolled in the account associated with this URL, Cloudflare One agent will bypass onboarding and show the **Connected** switch. ::: 3. To complete the onboarding flow: From e8a37272a5e69914fe5e6881c0351f76ae7181f8 Mon Sep 17 00:00:00 2001 From: ranbel <101146722+ranbel@users.noreply.github.com> Date: Wed, 26 Mar 2025 13:05:40 -0400 Subject: [PATCH 7/9] Update src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx --- .../connect-devices/warp/deployment/manual-deployment.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx index 69370140b7c7e4..1a074779943b9b 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx @@ -113,7 +113,7 @@ To generate a URL for device enrollment: To enroll a device using a login URL: 1. [Download](/cloudflare-one/connections/connect-devices/warp/download-warp/) and install the Cloudflare One Agent app. -2. Go to the [login URL](#generate-a-login-url) provided by your account administrator. Direct links and QR code embedded links are supported. To use a QR code, open the QR scanner app on your device and scan the QR code. +2. Go to the [login URL](#generate-a-login-url) provided by your account administrator. To use a QR code, open the QR scanner app on your device and scan the QR code. The Cloudflare One Agent app will open and start the onboarding flow. From 5cb1e55fca8ba1c0bf65a4725e01b89e5ebb6362 Mon Sep 17 00:00:00 2001 From: Ranbel Sun Date: Wed, 26 Mar 2025 13:21:59 -0400 Subject: [PATCH 8/9] browser support --- .../connect-devices/warp/deployment/manual-deployment.mdx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx index 1a074779943b9b..beb5b935661213 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx @@ -95,7 +95,9 @@ The device is now protected by your organization's Zero Trust policies. -Administrators can provide users with a custom login URL that automatically fills in your organization's team name during device enrollment. Using a URL reduces the potential for error that comes with manual entry of the team name. The WARP client supports URLs accessed through a direct link or with a URL handler such as a QR code. +Administrators can provide users with a custom login URL that automatically fills in your organization's team name during device enrollment. Using a URL reduces the potential for error that comes with manual entry of the team name. + +The WARP client supports URLs accessed through a direct link or with a URL handler such as a QR code. Direct links are currently only supported in Safari and Firefox. If your default browser is Chrome (or another unsupported browser), we recommend embedding the link in a QR code. #### Generate a login URL From 73b160b6e74134216d29e0716b9c2a47f5675b7a Mon Sep 17 00:00:00 2001 From: ranbel <101146722+ranbel@users.noreply.github.com> Date: Wed, 26 Mar 2025 14:15:50 -0400 Subject: [PATCH 9/9] Apply suggestions from code review --- .../connect-devices/warp/deployment/manual-deployment.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx index beb5b935661213..ba76920e7a20a1 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx @@ -103,9 +103,9 @@ The WARP client supports URLs accessed through a direct link or with a URL handl To generate a URL for device enrollment: -1. Copy the following link, replacing `your_team_name` with your Zero Trust team name: +1. Copy the following link, replacing `` with your Zero Trust team name: ```txt - cf1app://oneapp.cloudflare.com/team?name=your_team_name + cf1app://oneapp.cloudflare.com/team?name= ``` 2. (Optional) Use any QR code generator to embed the link in a QR code. 3. Distribute the link or QR code to users.