diff --git a/src/content/docs/cloudflare-one/identity/idp-integration/entra-id.mdx b/src/content/docs/cloudflare-one/identity/idp-integration/entra-id.mdx
index d76103e1cd7297e..9900db58b6d0412 100644
--- a/src/content/docs/cloudflare-one/identity/idp-integration/entra-id.mdx
+++ b/src/content/docs/cloudflare-one/identity/idp-integration/entra-id.mdx
@@ -139,11 +139,8 @@ To [test](/cloudflare-one/identity/idp-integration/#test-idps-in-zero-trust) tha
}'
```
-
+
-:::note[Provider versions]
-The following example requires Cloudflare provider version `>=4.40.0`.
-:::
1. Add the following permission to your [`cloudflare_api_token`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/api_token):
@@ -151,7 +148,7 @@ The following example requires Cloudflare provider version `>=4.40.0`.
2. Configure the [`cloudflare_zero_trust_access_identity_provider`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zero_trust_access_identity_provider) resource:
-
+
diff --git a/src/content/docs/cloudflare-one/identity/idp-integration/generic-oidc.mdx b/src/content/docs/cloudflare-one/identity/idp-integration/generic-oidc.mdx
index 1fec86f2212b6ce..3d8be9927694915 100644
--- a/src/content/docs/cloudflare-one/identity/idp-integration/generic-oidc.mdx
+++ b/src/content/docs/cloudflare-one/identity/idp-integration/generic-oidc.mdx
@@ -80,11 +80,7 @@ Cloudflare Access has a generic OpenID Connect (OIDC) connector to help you inte
}'
```
-
-
-:::note[Provider versions]
-The following example requires Cloudflare provider version `>=4.40.0`.
-:::
+
1. Add the following permission to your [`cloudflare_api_token`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/api_token):
- `Access: Organizations, Identity Providers, and Groups Write`
@@ -96,7 +92,7 @@ The following example requires Cloudflare provider version `>=4.40.0`.
account_id = var.cloudflare_account_id
name = "Generic OIDC example"
type = "oidc"
- config {
+ config = {
client_id = ""
client_secret = ""
auth_url = "https://accounts.google.com/o/oauth2/auth"
diff --git a/src/content/docs/cloudflare-one/identity/idp-integration/generic-saml.mdx b/src/content/docs/cloudflare-one/identity/idp-integration/generic-saml.mdx
index 0ae1ec07b29c739..d76eb08f66d2af6 100644
--- a/src/content/docs/cloudflare-one/identity/idp-integration/generic-saml.mdx
+++ b/src/content/docs/cloudflare-one/identity/idp-integration/generic-saml.mdx
@@ -53,11 +53,7 @@ To download the SAML metadata file, copy-paste the metadata endpoint into a web
6. (Optional) Under **Optional configurations**, configure [additional SAML options](#optional-configurations).
7. Select **Save**.
-
-
-:::note[Provider versions]
-The following example requires Cloudflare provider version `>=4.40.0`.
-:::
+
1. Add the following permission to your [`cloudflare_api_token`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/api_token):
@@ -70,10 +66,10 @@ The following example requires Cloudflare provider version `>=4.40.0`.
account_id = var.cloudflare_account_id
name = "Generic SAML example"
type = "saml"
- config {
+ config = {
sso_target_url = "https://example.com/1234/sso/saml"
issuer_url = "https://example.com/1234"
- idp_public_cert = "-----BEGIN CERTIFICATE-----\nXXXXX\n-----END CERTIFICATE-----"
+ idp_public_certs = ["-----BEGIN CERTIFICATE-----\nXXXXX\n-----END CERTIFICATE-----"]
sign_request = false
email_attribute_name = "email"
attributes = ["employeeID", "groups"]
diff --git a/src/content/docs/cloudflare-one/identity/one-time-pin.mdx b/src/content/docs/cloudflare-one/identity/one-time-pin.mdx
index 53e602bb4384e45..585ca3488795e90 100644
--- a/src/content/docs/cloudflare-one/identity/one-time-pin.mdx
+++ b/src/content/docs/cloudflare-one/identity/one-time-pin.mdx
@@ -40,11 +40,7 @@ For example, if your team uses Okta but you are collaborating with someone outsi
}'
```
-
-
-:::note[Provider versions]
-The following example requires Cloudflare provider version `>=4.40.0`.
-:::
+
1. Add the following permission to your [`cloudflare_api_token`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/api_token):
- `Access: Organizations, Identity Providers, and Groups Write`
@@ -56,9 +52,10 @@ The following example requires Cloudflare provider version `>=4.40.0`.
account_id = var.cloudflare_account_id
name = "One-time PIN login"
type = "onetimepin"
+ config = {}
}
```
-
+
:::tip
If your organization uses a third-party email scanning service (for example, Mimecast or Barracuda), add `noreply@notify.cloudflare.com` to the email scanning allowlist.
diff --git a/src/content/partials/cloudflare-one/access/entra-id-terraform.mdx b/src/content/partials/cloudflare-one/access/entra-id-terraform.mdx
index 0ae925b2014fdad..7c3cd7116b2f389 100644
--- a/src/content/partials/cloudflare-one/access/entra-id-terraform.mdx
+++ b/src/content/partials/cloudflare-one/access/entra-id-terraform.mdx
@@ -8,11 +8,11 @@ resource "cloudflare_zero_trust_access_identity_provider" "microsoft_entra_id" {
account_id = var.cloudflare_account_id
name = "Entra ID example"
type = "azureAD"
- config {
+ config = {
client_id = var.entra_id_client_id
client_secret = var.entra_id_client_secret
directory_id = var.entra_id_directory_id
support_groups = true
- }
+ }
}
```
diff --git a/src/content/partials/cloudflare-one/access/idp-integration.mdx b/src/content/partials/cloudflare-one/access/idp-integration.mdx
index 3de3f4179a24bd9..4caea952755c89d 100644
--- a/src/content/partials/cloudflare-one/access/idp-integration.mdx
+++ b/src/content/partials/cloudflare-one/access/idp-integration.mdx
@@ -20,12 +20,12 @@ import {Render, Tabs, TabItem} from "~/components"
5. Once you have filled in the necessary fields, select **Save**.
-
+
1. Add the following permission to your [`cloudflare_api_token`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/api_token):
- `Access: Organizations, Identity Providers, and Groups Write`
-2. Add an identity provider to Zero Trust using the [`cloudflare_zero_trust_access_identity_provider`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zero_trust_access_identity_provider) resource. For example, to add a Microsoft Entra ID integration:
+2. Add an identity provider to Zero Trust using the [`cloudflare_zero_trust_access_identity_provider`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zero_trust_access_identity_provider) resource. For example, to add a Microsoft Entra ID integration:
diff --git a/src/content/partials/learning-paths/zero-trust/create-zero-trust-org.mdx b/src/content/partials/learning-paths/zero-trust/create-zero-trust-org.mdx
index c0572a770dc3685..c4593c6f1d115a2 100644
--- a/src/content/partials/learning-paths/zero-trust/create-zero-trust-org.mdx
+++ b/src/content/partials/learning-paths/zero-trust/create-zero-trust-org.mdx
@@ -3,7 +3,7 @@
---
-import { Render, Tabs, TabItem} from "~/components"
+import { Render} from "~/components"
To start using Zero Trust features, create a Zero Trust organization in your Cloudflare account.
@@ -17,23 +17,17 @@ To create a Zero Trust organization:
You can use the [Cloudflare Terraform provider](https://registry.terraform.io/providers/cloudflare/cloudflare/latest) to manage your Zero Trust organization alongside your other IT infrastructure. To get started with Terraform, refer to our [Terraform tutorial series](/terraform/tutorial/).
-Zero Trust organizations cannot be created through Terraform. You must [sign up for Zero Trust](#sign-up-for-zero-trust) on the Cloudflare dashboard and then import the resource into your [Terraform configuration](/terraform/).
+To add Zero Trust to your Terraform configuration:
-To import your Zero Trust organization:
+1. [Sign up for Zero Trust](#sign-up-for-zero-trust) on the Cloudflare dashboard.
-
-
-:::note[Provider versions]
-The following example requires Cloudflare provider version `>=4.40.0`.
-:::
-
-1. Add the following permission to your [`cloudflare_api_token`](https://registry.terraform.io/providers/cloudflare/cloudflare/4.40.0/docs/resources/api_token):
+2. Add the following permission to your [`cloudflare_api_token`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/api_token):
- `Access: Organizations, Identity Providers, and Groups Write`
-2. Add the [`cloudflare_zero_trust_access_organization`](https://registry.terraform.io/providers/cloudflare/cloudflare/4.40.0/docs/resources/zero_trust_access_organization) resource:
+3. Add the [`cloudflare_zero_trust_organization`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zero_trust_organization) resource:
```terraform
- resource "cloudflare_zero_trust_access_organization" "" {
+ resource "cloudflare_zero_trust_organization" "" {
account_id = var.cloudflare_account_id
name = "Acme Corporation"
auth_domain = ".cloudflareaccess.com"
@@ -41,17 +35,7 @@ The following example requires Cloudflare provider version `>=4.40.0`.
```
Replace ` **Custom Pages**.
-3. In a terminal, run:
-
- ```sh
- terraform import cloudflare_zero_trust_access_organization. `
- ```
-
-
-
-
-
-You can now update the Zero Trust organization using Terraform.
+You can now update Zero Trust organization settings using Terraform.
:::tip
If you plan to manage all Zero Trust settings in Terraform, set the dashboard to [API/Terraform read-only mode](/cloudflare-one/api-terraform/#set-dashboard-to-read-only).