Merged
7 changes: 6 additions & 1 deletion public/__redirects
Original file line number Diff line number Diff line change
Expand Up @@ -2318,7 +2318,7 @@
/changelog-next/* /changelog/:splat 301
/browser-rendering/quick-actions-rest-api/* /browser-rendering/rest-api/:splat 301
/*/sitemap.xml /sitemap-index.xml 301
/access/configuring-identity-providers/* /cloudflare-one/identity/idp-integration/:splat 301
/access/configuring-identity-providers/* /cloudflare-one/integrations/identity-providers/:splat 301
/api-security/* /api-shield/:splat 301
/api-shield/products/* /api-shield/security/:splat 301
/distributed-web/* /web3/:splat 301
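Review bot: only the `/access/configuring-identity-providers/*` rule is retargeted to `/cloudflare-one/integrations/identity-providers/:splat`; any other rule in this file whose destination is still under `/cloudflare-one/identity/idp-integration/` will resolve through two 301 hops once that path itself becomes a redirect source. Search the file for that destination prefix and point those rules at the new path in the same change.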
Expand Down Expand Up @@ -2383,6 +2383,11 @@
/cloudflare-one/policies/data-loss-prevention/configuration-guides/* /cloudflare-one/policies/data-loss-prevention/dlp-policies/common-policies/ 301
/cloudflare-one/policies/data-loss-prevention/datasets/* /cloudflare-one/policies/data-loss-prevention/detection-entries/:splat 301

# Cloudflare One nav revamp
/cloudflare-one/identity/one-time-pin/ /cloudflare-one/integrations/identity-providers/one-time-pin/ 301
/cloudflare-one/identity/idp-integration/* /cloudflare-one/integrations/identity-providers/:splat 301


# Learning paths

/learning-paths/modules/get-started/onboarding/* /learning-paths/get-started-free/onboarding/:splat 301
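Review bot: the `/cloudflare-one/identity/one-time-pin/` rule is an exact-path match while the `idp-integration/*` rule below it uses a splat, so any child path under the old one-time-pin URL would not be redirected; confirm that page had no sub-pages, or switch it to `/*` with `:splat`. The addition also leaves two consecutive blank lines before `# Learning paths`; one is enough. If rules are matched top-down, check that no earlier `/cloudflare-one/identity/*` rule shadows these two.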
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ date: 2025-10-14

![Screenshot of new user experience for managing SSO](~/assets/images/changelog/fundamentals/2025-10-14-sso-configuration-ux.png)

During Birthday Week, we announced that [single sign-on (SSO) is available for free](https://blog.cloudflare.com/enterprise-grade-features-for-all/) to everyone who signs in with a custom email domain and maintains a compatible [identity provider](https://developers.cloudflare.com/cloudflare-one/identity/idp-integration/). SSO minimizes user friction around login and provides the strongest security posture available. At the time, this could only be configured using the API.
During Birthday Week, we announced that [single sign-on (SSO) is available for free](https://blog.cloudflare.com/enterprise-grade-features-for-all/) to everyone who signs in with a custom email domain and maintains a compatible [identity provider](https://developers.cloudflare.com/cloudflare-one/integrations/identity-providers/). SSO minimizes user friction around login and provides the strongest security posture available. At the time, this could only be configured using the API.

Today, we are launching a new user experience which allows users to manage their SSO configuration from within the Cloudflare dashboard. You can access this by going to **Manage account** > **Members** > **Settings**.
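Review bot: the identity provider link on the changed line is an absolute `https://developers.cloudflare.com/cloudflare-one/integrations/identity-providers/` URL, while the other files in this change link to the same page root-relatively as `/cloudflare-one/integrations/identity-providers/`. Using the root-relative form here would match that convention and keep this link from silently depending on a redirect the next time the path moves.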

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ Remember — [authentication is different from authorization](https://www.cloud

### (2) Cloudflare Access integration

You can use Cloudflare Access as a Single Sign-On (SSO) provider to authorize users to your MCP server. Users log in using a [configured identity provider](/cloudflare-one/identity/idp-integration/) or a [one-time PIN](/cloudflare-one/identity/one-time-pin/), and they are only granted access if their identity matches your [Access policies](/cloudflare-one/policies/access/).
You can use Cloudflare Access as a Single Sign-On (SSO) provider to authorize users to your MCP server. Users log in using a [configured identity provider](/cloudflare-one/integrations/identity-providers/) or a [one-time PIN](/cloudflare-one/integrations/identity-providers/one-time-pin/), and they are only granted access if their identity matches your [Access policies](/cloudflare-one/policies/access/).

To deploy an [example MCP server](https://github.com/cloudflare/ai/tree/main/demos/remote-mcp-cf-access) with Cloudflare Access as the OAuth provider, refer to [Secure MCP servers with Access for SaaS](/cloudflare-one/applications/configure-apps/mcp-servers/saas-mcp/).

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ An MCP server portal centralizes multiple [Model Context Protocol (MCP) servers]

- An [active domain on Cloudflare](/fundamentals/manage-domains/add-site/)
- Domain uses either a [full setup](/dns/zone-setups/full-setup/) or a [partial (`CNAME`) setup](/dns/zone-setups/partial-setup/)
- An [identity provider](/cloudflare-one/identity/idp-integration/) configured on Cloudflare Zero Trust
- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured on Cloudflare Zero Trust

## Add an MCP server

Expand Down Expand Up @@ -107,7 +107,7 @@ Cloudflare Access automatically creates an Access application for each MCP serve
2. Find the portal that you want to configure, then select the three dots > **Edit**.
3. To configure identity providers for the portal:
1. Select the **Login methods** tab.
2. Select the [identity providers](/cloudflare-one/identity/idp-integration/) that you want to enable for your application.
2. Select the [identity providers](/cloudflare-one/integrations/identity-providers/) that you want to enable for your application.
3. (Recommended) If you plan to only allow access via a single identity provider, turn on **Instant Auth**. End users will not be shown the [Cloudflare Access login page](/cloudflare-one/applications/login-page/). Instead, Cloudflare will redirect users directly to your SSO login event.
4. To customize the block page:
1. Select the **Experience settings** tab.
Expand All @@ -131,7 +131,7 @@ Workers AI Playground will show a **Connected** status and list the available to

For MCP clients with server configuration files, we recommend using the `npx` command with the `mcp-remote@latest` argument:

``` json title= "MCP client configuration for MCP portals"
``` json title= "MCP client configuration for MCP portals"
{
"mcpServers": {
"example-mcp-server": {
Expand All @@ -143,7 +143,7 @@ For MCP clients with server configuration files, we recommend using the `npx` co
]
}
}
}
}
```

We do not recommend using the `serverURL` parameter since it may cause issues with portal session creation and management.
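Review bot: the closing `}` just before the end of the code fence is removed and re-added with no visible difference, and the same holds for the `json` fence opener in the previous hunk, so these look like whitespace-only edits unrelated to the link move. Either revert them or call out the whitespace cleanup in the PR description so the change stays easy to audit.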
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,11 @@ import { Render, GlossaryTooltip, Tabs, TabItem, APIRequest } from "~/components

You can secure [Model Context Protocol (MCP) servers](https://www.cloudflare.com/learning/ai/what-is-model-context-protocol-mcp/) by using Cloudflare Access as an OAuth Single Sign-On (SSO) provider.

This guide walks through how to deploy a remote <GlossaryTooltip term="MCP server">MCP server</GlossaryTooltip> on [Cloudflare Workers](/workers/) that requires Cloudflare Access for authentication. When users connect to the MCP server using an <GlossaryTooltip term="MCP client">MCP client</GlossaryTooltip>, they will be prompted to log in to your [identity provider](/cloudflare-one/identity/idp-integration/) and are only granted access if they pass your [Access policies](/cloudflare-one/policies/access/#selectors).
This guide walks through how to deploy a remote <GlossaryTooltip term="MCP server">MCP server</GlossaryTooltip> on [Cloudflare Workers](/workers/) that requires Cloudflare Access for authentication. When users connect to the MCP server using an <GlossaryTooltip term="MCP client">MCP client</GlossaryTooltip>, they will be prompted to log in to your [identity provider](/cloudflare-one/integrations/identity-providers/) and are only granted access if they pass your [Access policies](/cloudflare-one/policies/access/#selectors).

## Prerequisites

- Add an [identity provider](/cloudflare-one/identity/idp-integration/) to Cloudflare Zero Trust
- Add an [identity provider](/cloudflare-one/integrations/identity-providers/) to Cloudflare Zero Trust
- Install [npm](https://docs.npmjs.com/getting-started)
- Install [Node.js](https://nodejs.org/en/)

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ This guide covers how to configure [Adobe Acrobat Sign](https://helpx.adobe.com/

## Prerequisites

* An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
* An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
* Admin access to a Adobe Acrobat Sign account
* A [claimed domain](https://helpx.adobe.com/sign/using/claim-domain-names.html) in Adobe Acrobat Sign
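Review bot: on the unchanged line directly below the edited link, "Admin access to a Adobe Acrobat Sign account" should read "an Adobe Acrobat Sign account". Since this prerequisites list is being touched anyway, fix the article in the same change.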

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ import { Render } from "~/components";

## Prerequisites

* An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
* An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
* Admin access to your Area 1 account
* Your user's email in Area 1 matches their email in Zero Trust

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ This guide covers how to configure [Asana](https://help.asana.com/hc/en-us/artic

## Prerequisites

* An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
* An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
* Super admin access to an Asana Enterprise, Enterprise+, or Legacy Enterprise account

## 1. Add a SaaS application to Cloudflare Zero Trust
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ This guide covers how to configure [Atlassian Cloud](https://support.atlassian.c

## Prerequisites

* An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
* An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
* Admin access to an Atlassian Cloud account
* Atlassian Guard Standard subscription
* A [domain](https://support.atlassian.com/user-management/docs/verify-a-domain-to-manage-accounts/) verified in Atlassian Cloud
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ This guide covers how to configure [AWS](https://docs.aws.amazon.com/singlesigno

## Prerequisites

* An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
* An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
* Admin access to an AWS account

## 1. Get AWS URLs
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ This guide covers how to configure [Braintree](https://developer.paypal.com/brai

## Prerequisites

* An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
* An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
* Admin access to a Braintree production or sandbox account

## 1. Add a SaaS application to Cloudflare Zero Trust
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ This guide covers how to configure [Coupa](https://compass.coupa.com/en-us/produ

## Prerequisites

* An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
* An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
* Admin access to a Coupa Stage or Production account

## 1. Add a SaaS application to Cloudflare Zero Trust
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ This guide covers how to configure [Digicert](https://docs.digicert.com/en/certc

## Prerequisites

* An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
* An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
* Admin access to a Digicert account
* [SAML](https://docs.digicert.com/en/certcentral/manage-account/saml-admin-single-sign-on-guide/saml-single-sign-on-prerequisites.html) enabled in your Digicert account

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ This guide covers how to configure [Docusign](https://support.docusign.com/s/doc

## Prerequisites

- An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
- Admin access to a Docusign account that has Single Sign-On available
- A [domain](https://support.docusign.com/s/document-item?bundleId=rrf1583359212854&topicId=gso1583359141256.html) verified in Docusign

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ This guide covers how to configure [Dropbox](https://help.dropbox.com/security/s

## Prerequisites

* An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
* An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
* Admin access to a Dropbox Advanced, Business Plus, or Enterprise account

## 1. Add a SaaS application to Cloudflare Zero Trust
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ This page provides generic instructions for setting up a SaaS application in Clo

## Prerequisites

- An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
- Admin access to the account of the SaaS application

## 1. Get SaaS application URL
Expand Down Expand Up @@ -95,7 +95,7 @@ To add additional OIDC claims onto the ID token sent to your SaaS application, c

- **Name**: OIDC claim name
- **Scope**: Select the OIDC scope where this claim should be included. In most cases, we recommend selecting `profile` since it already includes other custom claims from the IdP.
- **IdP claim**: The identity provider value that should map to this OIDC claim. You can select any [SAML attribute](/cloudflare-one/identity/idp-integration/generic-saml/#saml-headers-and-attributes) or [OIDC claim](/cloudflare-one/identity/idp-integration/generic-oidc/#custom-oidc-claims) that was configured in a Zero Trust IdP integration.
- **IdP claim**: The identity provider value that should map to this OIDC claim. You can select any [SAML attribute](/cloudflare-one/integrations/identity-providers/generic-saml/#saml-headers-and-attributes) or [OIDC claim](/cloudflare-one/integrations/identity-providers/generic-oidc/#custom-oidc-claims) that was configured in a Zero Trust IdP integration.
- **Required**: If a claim is marked as required but is not provided by an IdP, Cloudflare will fail the authentication request and show an error page.
- **Add per IdP claim**: (Optional) If you turned on multiple identity providers for the SaaS application, you can choose different attribute mappings for each IdP. These values will override the parent **IdP claim**.
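Review bot: the **IdP claim** line carries the fragments `#saml-headers-and-attributes` and `#custom-oidc-claims` over to the new `generic-saml/` and `generic-oidc/` paths unchanged. A redirect or path check will not catch a missing fragment, so confirm both headings still exist under those IDs on the moved pages; otherwise the links land at the top of the page with no error.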

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ This page provides generic instructions for setting up a SaaS application in Clo

## Prerequisites

- An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
- Admin access to the account of the SaaS application

## 1. Get SaaS application URLs
Expand Down Expand Up @@ -80,7 +80,7 @@ Open an incognito browser window and go to the SaaS application's login URL. You

## SAML attributes

[SAML attributes](/cloudflare-one/identity/idp-integration/generic-saml/#saml-headers-and-attributes) refer to the user identity characteristics that Cloudflare Access shares with your SAML SaaS application upon successful authentication. By default, Cloudflare Access passes the following attributes (if available) to the SaaS application:
[SAML attributes](/cloudflare-one/integrations/identity-providers/generic-saml/#saml-headers-and-attributes) refer to the user identity characteristics that Cloudflare Access shares with your SAML SaaS application upon successful authentication. By default, Cloudflare Access passes the following attributes (if available) to the SaaS application:

- `id` - UUID of the user's Access identity
- `name` - Full name of the user (for example, `John Doe`)
Expand All @@ -99,7 +99,7 @@ To send additional SAML attributes to your SaaS application, configure the follo
- `Unspecified`: (default) No specific format required.
- `URI`: Name is in a format such as `urn:ietf:params:scim:schemas:core:2.0:User:userName` or `urn:oid:2.5.4.42`.
- `Basic`: Name is a normal string such as `userName`.
- **IdP claim**: The identity provider value that should map to this SAML attribute. You can select any [SAML attribute](/cloudflare-one/identity/idp-integration/generic-saml/#saml-headers-and-attributes) or [OIDC claim](/cloudflare-one/identity/idp-integration/generic-oidc/#custom-oidc-claims) that was configured in a Zero Trust IdP integration.
- **IdP claim**: The identity provider value that should map to this SAML attribute. You can select any [SAML attribute](/cloudflare-one/integrations/identity-providers/generic-saml/#saml-headers-and-attributes) or [OIDC claim](/cloudflare-one/integrations/identity-providers/generic-oidc/#custom-oidc-claims) that was configured in a Zero Trust IdP integration.
- **Required**: If an attribute is marked as required but is not provided by an IdP, Cloudflare will fail the authentication request and show an error page.
- **Add per IdP claim**: (Optional) If you turned on multiple identity providers for the SaaS application, you can choose different attribute mappings for each IdP. These values will override the parent **IdP claim**.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ This guide covers how to configure [GitHub Enterprise Cloud](https://docs.github

## Prerequisites

* An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
* An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
* A GitHub Enterprise Cloud subscription
* Access to a GitHub account as an organization owner

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -14,14 +14,14 @@ This guide covers how to configure [Google Cloud](https://support.google.com/clo

When configuring Google Cloud with Access, the following limitations apply:

- Users will not be able to log in using [Google](/cloudflare-one/identity/idp-integration/google/) or [Google Workspace](/cloudflare-one/identity/idp-integration/google-workspace/) as an identity provider after Google Cloud is configured with Access.
- Users will not be able to log in using [Google](/cloudflare-one/integrations/identity-providers/google/) or [Google Workspace](/cloudflare-one/integrations/identity-providers/google-workspace/) as an identity provider after Google Cloud is configured with Access.

- The integration of Access as a single sign-on provider for your Google Cloud account does not work for Google super admins. It will work for other users.
:::

## Prerequisites

- An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust
- Admin access to a Google Workspace account
- [Cloud Identity Free or Premium](https://support.google.com/cloudidentity/answer/7389973) set up in your organization's Google Cloud account

Expand Down