diff --git a/src/content/docs/cloudflare-one/access-controls/ai-controls/mcp-portals.mdx b/src/content/docs/cloudflare-one/access-controls/ai-controls/mcp-portals.mdx index a16e721fdddb58..69772260d9159a 100644 --- a/src/content/docs/cloudflare-one/access-controls/ai-controls/mcp-portals.mdx +++ b/src/content/docs/cloudflare-one/access-controls/ai-controls/mcp-portals.mdx @@ -32,8 +32,8 @@ Add individual MCP servers to Cloudflare Access to bring them under centralized To add an MCP server: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Applications** > **AI controls**. -2. Select the **MCP servers** tab. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **AI controls**. +2. Go to the **MCP servers** tab. 3. Select **Add an MCP server**. 4. Enter any name for the server. 5. (Optional) Enter a custom string for the **Server ID**. @@ -63,8 +63,8 @@ The MCP server status indicates the synchronization status of the MCP server to To reauthenticate an MCP server in Cloudflare Access: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Applications** > **AI controls**. -2. Select the **MCP servers** tab. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **AI controls**. +2. Go to the **MCP servers** tab. 3. Select the server that you want to reauthenticate, then select **Edit**. 4. Select **Authenticate server**. @@ -74,8 +74,8 @@ You will be redirected to log in to your OAuth provider. The account used to aut Cloudflare Access automatically synchronizes with your MCP server every 24 hours. To manually refresh the MCP server in Zero Trust: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Applications** > **AI controls**. -2. Select the **MCP servers** tab and find the server that you want to refresh. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **AI controls**. +2. Go to the **MCP servers** tab and find the server that you want to refresh. 3. Select the three dots > **Sync capabilities**. The MCP server page will show the updated list of tools and prompts. New tools and prompts are automatically enabled in the MCP server portal. @@ -84,8 +84,8 @@ The MCP server page will show the updated list of tools and prompts. New tools a To create an MCP server portal: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Applications** > **AI controls**. -2. Select **Add an MCP server portal**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **AI controls**. +2. Select **Add MCP server portal**. 3. Enter any name for the portal. 4. Under **Custom domain**, select a domain for the portal URL. Domains must belong to an active zone in your Cloudflare account. You can optionally specify a subdomain. 5. [Add MCP servers](#add-an-mcp-server) to the portal. @@ -102,14 +102,14 @@ Users can now [connect to the portal](#connect-to-a-portal) at `https:// **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Applications**. 2. Find the portal that you want to configure, then select the three dots > **Edit**. 3. To configure identity providers for the portal: - 1. Select the **Login methods** tab. + 1. Go to the **Login methods** tab. 2. Select the [identity providers](/cloudflare-one/integrations/identity-providers/) that you want to enable for your application. 3. (Recommended) If you plan to only allow access via a single identity provider, turn on **Instant Auth**. End users will not be shown the [Cloudflare Access login page](/cloudflare-one/reusable-components/custom-pages/access-login-page/). Instead, Cloudflare will redirect users directly to your SSO login event. 4. To customize the block page: - 1. Select the **Experience settings** tab. + 1. Go to the **Experience settings** tab. 2. 5. Select **Save application**. @@ -161,7 +161,7 @@ rm -rf ~/.mcp-auth Portal logs allow you to monitor user activity through an MCP server portal. You can view logs on a per-portal or per-server basis. -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Applications** > **AI controls**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **AI controls**. 2. Find the portal or server that you want to view logs for, then select the three dots > **Edit**. 3. Select **Logs**. diff --git a/src/content/docs/cloudflare-one/access-controls/ai-controls/saas-mcp.mdx b/src/content/docs/cloudflare-one/access-controls/ai-controls/saas-mcp.mdx index 44f42b8b4f9571..638eeec23555ca 100644 --- a/src/content/docs/cloudflare-one/access-controls/ai-controls/saas-mcp.mdx +++ b/src/content/docs/cloudflare-one/access-controls/ai-controls/saas-mcp.mdx @@ -87,25 +87,26 @@ The Worker will be deployed to your `*.workers.dev` subdomain at `mcp-server-cf- -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. -2. Select **SaaS**. -3. In **Application**, enter a custom name (for example, `MCP server`) and select the textbox that appears below. -4. Select **OIDC** as the authentication protocol. -5. Select **Add application**. -6. In **Redirect URLs**, enter the authorization callback URL for your MCP server. The callback URL for our [example MCP server](#1-deploy-an-example-mcp-server) is +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. +2. Select **Add an application**. +3. Select **SaaS**. +4. In **Application**, enter a custom name (for example, `MCP server`) and select the textbox that appears below. +5. Select **OIDC** as the authentication protocol. +6. Select **Add application**. +7. In **Redirect URLs**, enter the authorization callback URL for your MCP server. The callback URL for our [example MCP server](#1-deploy-an-example-mcp-server) is `txt https://mcp-server-cf-access..workers.dev/callback ` -7. Copy the following values to input into our example MCP server. Other MCP servers may require different sets of input values. +8. Copy the following values to input into our example MCP server. Other MCP servers may require different sets of input values. - **Client secret** - **Client ID** - **Token endpoint** - **Authorization endpoint** - **Key endpoint** -8. (Optional) Under **Advanced settings**, turn on [**Refresh tokens**](/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-oidc-saas/#advanced-settings) if you want to reduce the number of times a user needs to log in to the identity provider. -9. Configure [Access policies](/cloudflare-one/access-controls/policies/) to define the users who can access the MCP server. -10. Save the application. +9. (Optional) Under **Advanced settings**, turn on [**Refresh tokens**](/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-oidc-saas/#advanced-settings) if you want to reduce the number of times a user needs to log in to the identity provider. +10. Configure [Access policies](/cloudflare-one/access-controls/policies/) to define the users who can access the MCP server. +11. Save the application. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/adobe-sign-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/adobe-sign-saas.mdx index 57a81d820e4bad..64f3d7278065f1 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/adobe-sign-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/adobe-sign-saas.mdx @@ -6,23 +6,23 @@ sidebar: order: 2 --- -This guide covers how to configure [Adobe Acrobat Sign](https://helpx.adobe.com/sign/using/enable-saml-single-sign-on.html) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Adobe Acrobat Sign](https://helpx.adobe.com/sign/using/enable-saml-single-sign-on.html) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Adobe Acrobat Sign account - A [claimed domain](https://helpx.adobe.com/sign/using/claim-domain-names.html) in Adobe Acrobat Sign -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS**. 3. For **Application**, enter `Adobe Sign` and select the corresponding textbox that appears. 4. For the authentication protocol, select **SAML**. 5. Select **Add application**. 6. Copy the **Access Entity ID or Issuer**, **Public key**, and **SSO endpoint**. -7. Keep this window open without selecting **Select configuration**. You will finish this configuration in step [3. Finish adding a SaaS application to Cloudflare Zero Trust](#3-finish-adding-a-saas-application-to-cloudflare-zero-trust). +7. Keep this window open without selecting **Select configuration**. You will finish this configuration in step [3. Finish adding a SaaS application to Cloudflare One](#3-finish-adding-a-saas-application-to-cloudflare-one). ## 2. Add a SAML SSO provider to Adobe Sign @@ -31,15 +31,15 @@ This guide covers how to configure [Adobe Acrobat Sign](https://helpx.adobe.com/ 3. Enter a hostname (for example, `yourcompanyname`). Users can use this URL or `https://secure.adobesign.com/public/login` to sign in via SSO. 4. (Optional) For **Single Sign On Login Message**, enter a custom message (for example, `Log in via SSO`). The default message is **Sign in using your corporate credentials**. 5. Fill in the following fields: - - **Entity ID/Issuer URL**: Access Entity ID or Issuer from application configuration in Cloudflare Zero Trust. - - **Login URL/SSO Endpoint**: SSO endpoint from application configuration in Cloudflare Zero Trust. - - **IdP Certificate**: Public key from application configuration in Cloudflare Zero Trust. Wrap the certificate in `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`. + - **Entity ID/Issuer URL**: Access Entity ID or Issuer from application configuration in Cloudflare One. + - **Login URL/SSO Endpoint**: SSO endpoint from application configuration in Cloudflare One. + - **IdP Certificate**: Public key from application configuration in Cloudflare One. Wrap the certificate in `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`. 6. Copy the **Entity ID/SAML Audience** and **Assertion Consumer URL**. 7. Select **Save**. -## 3. Finish adding a SaaS application to Cloudflare Zero Trust +## 3. Finish adding a SaaS application to Cloudflare One -1. In your open Zero Trust window, fill in the following fields: +1. In your open Cloudflare One window, fill in the following fields: - **Entity ID**: Entity ID/SAML Audience from Adobe Acrobat Sign SAML SSO configuration. - **Assertion Consumer Service URL**: Assertion Consumer URL from Adobe Acrobat Sign SAML SSO configuration. - **Name ID format**: _Email_ diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/area-1.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/area-1.mdx index dcf6274dd26235..0a9ebf66099ddb 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/area-1.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/area-1.mdx @@ -10,17 +10,17 @@ import { Render } from "~/components"; -[Cloudflare Area 1](https://www.cloudflare.com/products/zero-trust/email-security/) is an email security platform that protects your organization's inbox from phishing, spam, and other malicious messages. This guide covers how to configure Area 1 as a SAML application in Cloudflare Zero Trust. +[Cloudflare Area 1](https://www.cloudflare.com/products/zero-trust/email-security/) is an email security platform that protects your organization's inbox from phishing, spam, and other malicious messages. This guide covers how to configure Area 1 as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to your Area 1 account -- Your user's email in Area 1 matches their email in Zero Trust +- Your user's email in Area 1 matches their email in Cloudflare One -## 1. Add Area 1 to Zero Trust +## 1. Add Area 1 to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application**. @@ -52,9 +52,9 @@ Finally, you will need to configure Area 1 to allow users to log in through Clou 4. In **SAML SSO Domain**, enter `.cloudflareaccess.com`. 5. Get your Metadata XML file: - 1. In Zero Trust, copy the **SSO Endpoint** for your application. + 1. In Cloudflare One, copy the **SSO Endpoint** for your application. - ![Copy SSO settings for a SaaS application from Zero Trust](~/assets/images/cloudflare-one/applications/saas-sso-endpoint.png) + ![Copy SSO settings for a SaaS application from Cloudflare One](~/assets/images/cloudflare-one/applications/saas-sso-endpoint.png) 2. In a new browser tab, paste the **SSO Endpoint** and append `/saml-metadata` to the end of the URL. For example, `https://.cloudflareaccess.com/cdn-cgi/access/sso/saml//saml-metadata`. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/asana-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/asana-saas.mdx index f36b1b86e2d1f1..b92348f885d3a9 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/asana-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/asana-saas.mdx @@ -6,16 +6,16 @@ sidebar: order: 4 --- -This guide covers how to configure [Asana](https://help.asana.com/hc/en-us/articles/14075208738587-Authentication-and-access-management-options-for-paid-plans#gl-saml) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Asana](https://help.asana.com/hc/en-us/articles/14075208738587-Authentication-and-access-management-options-for-paid-plans#gl-saml) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Super admin access to an Asana Enterprise, Enterprise+, or Legacy Enterprise account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, select _Asana_. 4. For the authentication protocol, select **SAML**. @@ -33,8 +33,8 @@ This guide covers how to configure [Asana](https://help.asana.com/hc/en-us/artic 1. In Asana, select your profile picture > **Admin console** > **Security** > **SAML authentication**. 2. Under **SAML options**, select _Optional_. 3. Fill in the following fields: - - Sign-in page URL: SSO endpoint from application configuration in Cloudflare Zero Trust. - - X.509 certificate: Public key from application configuration in Cloudflare Zero Trust. Wrap the public key in `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`. + - Sign-in page URL: SSO endpoint from application configuration in Cloudflare One. + - X.509 certificate: Public key from application configuration in Cloudflare One. Wrap the public key in `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`. 4. Select **Save changes**. ## 3. Test the integration and require SSO diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/atlassian-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/atlassian-saas.mdx index 0a5c5297ae37ff..6bec35c9b61d74 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/atlassian-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/atlassian-saas.mdx @@ -6,24 +6,24 @@ sidebar: order: 5 --- -This guide covers how to configure [Atlassian Cloud](https://support.atlassian.com/security-and-access-policies/docs/configure-saml-single-sign-on-with-an-identity-provider/) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Atlassian Cloud](https://support.atlassian.com/security-and-access-policies/docs/configure-saml-single-sign-on-with-an-identity-provider/) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to an Atlassian Cloud account - Atlassian Guard Standard subscription - A [domain](https://support.atlassian.com/user-management/docs/verify-a-domain-to-manage-accounts/) verified in Atlassian Cloud -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS**. 3. For **Application**, select _Atlassian_. 4. For the authentication protocol, select **SAML**. 5. Select **Add application**. 6. Copy the **Access Entity ID or Issuer**, **Public key**, and **SSO endpoint**. -7. Keep this window open. You will finish this configuration in step [4. Finish adding a SaaS application to Cloudflare Zero Trust](#4-finish-adding-a-saas-application-to-cloudflare-zero-trust). +7. Keep this window open. You will finish this configuration in step [4. Finish adding a SaaS application to Cloudflare One](#4-finish-adding-a-saas-application-to-cloudflare-one). ## 2. Create a x.509 certificate @@ -42,8 +42,8 @@ This guide covers how to configure [Atlassian Cloud](https://support.atlassian.c ::: 5. Fill in the following fields: - - **Identity provider Entity ID**: Access Entity ID or Issuer from application configuration in Cloudflare Zero Trust. - - **Identity provider SSO URL**: SSO endpoint from application configuration in Cloudflare Zero Trust. + - **Identity provider Entity ID**: Access Entity ID or Issuer from application configuration in Cloudflare One. + - **Identity provider SSO URL**: SSO endpoint from application configuration in Cloudflare One. - **Public x509 certificate**: Paste the entire x.509 certificate from step [2. Create a x.509 certificate](#2-create-a-x509-certificate). 6. Select **Next**. 7. Copy the **Service provider entity URL** and **Service provider assertion consumer service URL**. @@ -51,9 +51,9 @@ This guide covers how to configure [Atlassian Cloud](https://support.atlassian.c 9. Under **Link domain**, select the domain you want to use with SAML SSO. 10. Select **Next** > **Stop and save SAML**. -## 4. Finish adding a SaaS application to Cloudflare Zero Trust +## 4. Finish adding a SaaS application to Cloudflare One -1. In your open Zero Trust window, fill in the following fields: +1. In your open Cloudflare One window, fill in the following fields: - **Entity ID**: Service provider entity URL from Atlassian Cloud SAML SSO set-up. - **Assertion Consumer Service URL**: Service provider assertion consumer service URL from Atlassian Cloud SAML SSO set-up. - **Name ID format**: _Email_ diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/aws-sso-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/aws-sso-saas.mdx index 4fe4c1775de6ee..03c1851417ca5a 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/aws-sso-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/aws-sso-saas.mdx @@ -6,11 +6,11 @@ sidebar: order: 6 --- -This guide covers how to configure [AWS](https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-your-identity-source-idp.html) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [AWS](https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-your-identity-source-idp.html) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to an AWS account ## 1. Get AWS URLs @@ -19,14 +19,14 @@ This guide covers how to configure [AWS](https://docs.aws.amazon.com/singlesigno 2. Go to **IAM Identity Center** > **Settings**. 3. In the **Identity source** tab, select the **Actions** dropdown and select _Change identity source_. 4. Change the identity source to **External identity provider**. -5. Copy the values shown in **Service provider metadata**. You will need these values when configuring the SaaS application in Zero Trust. +5. Copy the values shown in **Service provider metadata**. You will need these values when configuring the SaaS application in Cloudflare One. -Next, we will obtain **Identity provider metadata** from Zero Trust. +Next, we will obtain **Identity provider metadata** from Cloudflare One. -## 2. Add a SaaS application to Cloudflare Zero Trust +## 2. Add a SaaS application to Cloudflare One -1. In a separate tab or window, open [Zero Trust](https://one.dash.cloudflare.com) and go to **Access** > **Applications**. -2. Select **SaaS**. +1. In a separate tab or window, open [Cloudflare One](https://one.dash.cloudflare.com) and go to **Access controls** > **Applications**. +2. Select **Add an application** > **SaaS**. 3. For **Application**, select _Amazon AWS_. 4. For the authentication protocol, select **SAML**. 5. Select **Add application**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/braintree-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/braintree-saas.mdx index 6c393e40ff5aca..f33f2f9bfba01d 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/braintree-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/braintree-saas.mdx @@ -6,16 +6,16 @@ sidebar: order: 7 --- -This guide covers how to configure [Braintree](https://developer.paypal.com/braintree/articles/guides/single-sign-on-sso) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Braintree](https://developer.paypal.com/braintree/articles/guides/single-sign-on-sso) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Braintree production or sandbox account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, enter `Braintree` and select the textbox that appears below. 4. For the authentication protocol, select **SAML**. @@ -35,15 +35,15 @@ This guide covers how to configure [Braintree](https://developer.paypal.com/brai 3. In **Issue Details**, fill in the following: - **Merchant ID**: Your Braintree Merchant ID. This is the 16-digit value that follows `/merchants/`in your Braintree Control Panel URL. - **Email domain(s) to be used in user IDs**: The email domain(s) that should be allowed to sign in to your account via SSO. - - **Single Sign-on HTTP POST Binding URL**: SSO endpoint from application configuration in Cloudflare Zero Trust - - **Certificate for validation**: Public key from application configuration in Cloudflare Zero Trust. + - **Single Sign-on HTTP POST Binding URL**: SSO endpoint from application configuration in Cloudflare One + - **Certificate for validation**: Public key from application configuration in Cloudflare One. 4. Select whether you are using a **Production** or **Sandbox** account. 5. Fill out the **Your contact information** fields and select **Submit a help request**. 6. When you receive an email stating SSO has been successfully configured for your account, you can proceed to the next step. -## 3. Finish adding a SaaS application to Cloudflare Zero Trust +## 3. Finish adding a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Braintree** > **Edit** > **Overview**. 3. Replace the temporary values for **Entity ID** and **Assertion Consumer Service URL** with the link provided in the successful SSO configuration email from Braintree support. You will use the same link for both values. 4. Select **Save Application**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/coupa-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/coupa-saas.mdx index 49f461f1e97f5e..88791ff23c316c 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/coupa-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/coupa-saas.mdx @@ -6,16 +6,16 @@ sidebar: order: 8 --- -This guide covers how to configure [Coupa](https://compass.coupa.com/en-us/products/product-documentation/integration-technical-documentation/coupa-core-user-authentication/coupa-saml-sso-setup) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Coupa](https://compass.coupa.com/en-us/products/product-documentation/integration-technical-documentation/coupa-core-user-authentication/coupa-saml-sso-setup) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Coupa Stage or Production account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, enter `Coupa` and select the corresponding textbox that appears. 4. For the authentication protocol, select **SAML**. @@ -32,7 +32,7 @@ This guide covers how to configure [Coupa](https://compass.coupa.com/en-us/produ ## 2. Download the metadata file -1. Paste the SAML metadata endpoint from application configuration in Cloudflare Zero Trust in a web browser. +1. Paste the SAML metadata endpoint from application configuration in Cloudflare One in a web browser. 2. Follow your browser-specific steps to download the URL's contents as an `.xml` file. ## 3. Add a SAML SSO provider in Coupa @@ -41,7 +41,7 @@ This guide covers how to configure [Coupa](https://compass.coupa.com/en-us/produ 2. Under **Sign in using SAML**, turn on **Sign in using SAML**. 3. In **Upload IdP metadata**, select **Choose File**, and upload the `.xml` file you downloaded in step [2. Download the metadata file](#2-download-the-metadata-file). 4. Turn on **Advanced Options**. -5. For **Sign in page URL** and **Timeout URL**, enter `https://sso-stg1.coupahost.com/sp/startSSO.ping?PartnerIdpId=&TARGET=https://.coupahost.com/sessions/saml_post` using the Access Entity ID or Issuer from application configuration in Cloudflare Zero Trust. +5. For **Sign in page URL** and **Timeout URL**, enter `https://sso-stg1.coupahost.com/sp/startSSO.ping?PartnerIdpId=&TARGET=https://.coupahost.com/sessions/saml_post` using the Access Entity ID or Issuer from application configuration in Cloudflare One. 6. Select **Save**. ## 3. Create a test user and test the integration diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/digicert-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/digicert-saas.mdx index 484140885d2d5e..03a04ffaa32e13 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/digicert-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/digicert-saas.mdx @@ -6,17 +6,17 @@ sidebar: order: 9 --- -This guide covers how to configure [Digicert](https://docs.digicert.com/en/certcentral/manage-account/saml-admin-single-sign-on-guide/configure-saml-single-sign-on.html) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Digicert](https://docs.digicert.com/en/certcentral/manage-account/saml-admin-single-sign-on-guide/configure-saml-single-sign-on.html) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Digicert account - [SAML](https://docs.digicert.com/en/certcentral/manage-account/saml-admin-single-sign-on-guide/saml-single-sign-on-prerequisites.html) enabled in your Digicert account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, enter `Digicert` and select the corresponding textbox that appears. 4. For the authentication protocol, select **SAML**. @@ -33,7 +33,7 @@ This guide covers how to configure [Digicert](https://docs.digicert.com/en/certc 1. In Digicert, select **Settings** > **Single Sign-On** > **Set up SAML**. 2. Under **How will you send data from your IDP?**, turn on **Use a dynamic URL**. -3. Under **Use a dynamic URL**, paste the SAML Metadata endpoint from application configuration in Cloudflare Zero Trust. +3. Under **Use a dynamic URL**, paste the SAML Metadata endpoint from application configuration in Cloudflare One. 4. Under **How will you identify a user?**, turn on **NameID**. 5. Under **Federation Name**, enter a name (for example, `Cloudflare Access`). Your users will select this name when signing in. 6. Select **Save SAML Settings**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/docusign-access.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/docusign-access.mdx index e154e1053b5e7d..54356e67c0742f 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/docusign-access.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/docusign-access.mdx @@ -6,17 +6,17 @@ sidebar: order: 10 --- -This guide covers how to configure [Docusign](https://support.docusign.com/s/document-item?bundleId=rrf1583359212854&topicId=ozd1583359139126.html) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Docusign](https://support.docusign.com/s/document-item?bundleId=rrf1583359212854&topicId=ozd1583359139126.html) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Docusign account that has Single Sign-On available - A [domain](https://support.docusign.com/s/document-item?bundleId=rrf1583359212854&topicId=gso1583359141256.html) verified in Docusign ## 1. Create the Access for SaaS application -1. In Zero Trust, go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an Application**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/dropbox-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/dropbox-saas.mdx index 78bf9120725f14..a57efc363b435a 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/dropbox-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/dropbox-saas.mdx @@ -6,16 +6,16 @@ sidebar: order: 11 --- -This guide covers how to configure [Dropbox](https://help.dropbox.com/security/sso-admin) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Dropbox](https://help.dropbox.com/security/sso-admin) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Dropbox Advanced, Business Plus, or Enterprise account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, select `Dropbox`. 4. For the authentication protocol, select **SAML**. @@ -39,7 +39,7 @@ This guide covers how to configure [Dropbox](https://help.dropbox.com/security/s 1. In Dropbox, go to your profile picture > **Settings** > **Admin Console** > **Security** > **Single sign-on**. 2. For **Single sign-on**, select _Optional_. 3. Select **Add Identity provider sign-in URL**. -4. Paste the SSO endpoint from application configuration in Cloudflare Zero Trust and select **Done**. +4. Paste the SSO endpoint from application configuration in Cloudflare One and select **Done**. 5. Select **Add X.509 certificate** and upload the `.pem` file from step [2. Create a certificate file](#2-create-a-certificate-file). 6. Copy **SSO sign-in URL**. This is your custom Dropbox SSO URL. 7. Select **Save**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-oidc-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-oidc-saas.mdx index 2c02e6d1dc3e7b..d0717c30c70ff6 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-oidc-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-oidc-saas.mdx @@ -11,7 +11,7 @@ This page provides generic instructions for setting up a SaaS application in Clo ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to the account of the SaaS application ## 1. Get SaaS application URL @@ -22,7 +22,7 @@ Some SaaS applications provide the Redirect URL after you [configure the SSO pro ## 2. Add your application to Access -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-saml-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-saml-saas.mdx index 4c885560a237f1..0f5aa870a98d5b 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-saml-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-saml-saas.mdx @@ -11,7 +11,7 @@ This page provides generic instructions for setting up a SaaS application in Clo ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to the account of the SaaS application ## 1. Get SaaS application URLs @@ -23,7 +23,7 @@ Obtain the following URLs from your SaaS application account: ## 2. Add your application to Access -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application**. @@ -62,7 +62,7 @@ If you are using Okta, Microsoft Entra ID (formerly Azure AD), Google Workspace, ## 3. Configure SSO in your SaaS application -Next, configure your SaaS application to require users to log in through Cloudflare Access. Refer to your SaaS application documentation for instructions on how to configure a third-party SAML SSO provider. You will need the following values from the Zero Trust dashboard: +Next, configure your SaaS application to require users to log in through Cloudflare Access. Refer to your SaaS application documentation for instructions on how to configure a third-party SAML SSO provider. You will need the following values from the Cloudflare One: - **SSO endpoint** - **Access Entity ID or Issuer** @@ -99,7 +99,7 @@ To send additional SAML attributes to your SaaS application, configure the follo - `Unspecified`: (default) No specific format required. - `URI`: Name is in a format such as `urn:ietf:params:scim:schemas:core:2.0:User:userName` or `urn:oid:2.5.4.42`. - `Basic`: Name is a normal string such as `userName`. - - **IdP claim**: The identity provider value that should map to this SAML attribute. You can select any [SAML attribute](/cloudflare-one/integrations/identity-providers/generic-saml/#saml-headers-and-attributes) or [OIDC claim](/cloudflare-one/integrations/identity-providers/generic-oidc/#custom-oidc-claims) that was configured in a Zero Trust IdP integration. + - **IdP claim**: The identity provider value that should map to this SAML attribute. You can select any [SAML attribute](/cloudflare-one/integrations/identity-providers/generic-saml/#saml-headers-and-attributes) or [OIDC claim](/cloudflare-one/integrations/identity-providers/generic-oidc/#custom-oidc-claims) that was configured in a Cloudflare One IdP integration. - **Required**: If an attribute is marked as required but is not provided by an IdP, Cloudflare will fail the authentication request and show an error page. - **Add per IdP claim**: (Optional) If you turned on multiple identity providers for the SaaS application, you can choose different attribute mappings for each IdP. These values will override the parent **IdP claim**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/github-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/github-saas.mdx index 38a146f62b7090..c47cf8f3da6870 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/github-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/github-saas.mdx @@ -6,17 +6,17 @@ sidebar: order: 12 --- -This guide covers how to configure [GitHub Enterprise Cloud](https://docs.github.com/en/enterprise-cloud@latest/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [GitHub Enterprise Cloud](https://docs.github.com/en/enterprise-cloud@latest/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - A GitHub Enterprise Cloud subscription - Access to a GitHub account as an organization owner -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, select _GitHub_. 4. For the authentication protocol, select **SAML**. @@ -39,8 +39,8 @@ This guide covers how to configure [GitHub Enterprise Cloud](https://docs.github 1. In your GitHub organization page, go to **Settings** > **Authentication security**. 2. Under **SAML single sign-on**, turn on **Enable SAML authentication**. 3. Fill in the following fields: - - **Sign on URL**: SSO endpoint from application configuration in Cloudflare Zero Trust. - - **Issuer**: Access Entity ID or Issuer from application configuration in Cloudflare Zero Trust. + - **Sign on URL**: SSO endpoint from application configuration in Cloudflare One. + - **Issuer**: Access Entity ID or Issuer from application configuration in Cloudflare One. - **Public certificate**: Paste the entire x.509 certificate from step [2. Create a x.509 certificate](#2-create-a-x509-certificate). ## 4. Test the integration diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/google-cloud-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/google-cloud-saas.mdx index b7c75d0566e4bb..100b2e0d6b2013 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/google-cloud-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/google-cloud-saas.mdx @@ -8,7 +8,7 @@ sidebar: import { GlossaryTooltip } from "~/components"; -This guide covers how to configure [Google Cloud](https://support.google.com/cloudidentity/topic/7558767) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Google Cloud](https://support.google.com/cloudidentity/topic/7558767) as a SAML application in Cloudflare One. :::caution @@ -21,13 +21,13 @@ When configuring Google Cloud with Access, the following limitations apply: ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Google Workspace account - [Cloud Identity Free or Premium](https://support.google.com/cloudidentity/answer/7389973) set up in your organization's Google Cloud account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, select _Google Cloud_. 4. For the authentication protocol, select **SAML**. @@ -42,7 +42,7 @@ When configuring Google Cloud with Access, the following limitations apply: ## 2. Create a x.509 certificate -1. Paste the Public key from application configuration in Cloudflare Zero Trust into a text editor. +1. Paste the Public key from application configuration in Cloudflare One into a text editor. 2. Wrap the certificate in `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`. 3. Set the file extension as `.crt` and save. @@ -52,8 +52,8 @@ When configuring Google Cloud with Access, the following limitations apply: 2. Select **Third-party SSO profile for your organization** > **Add SSO Profile**. 3. Turn on **Set up SSO with third-party identity provider**. 4. Fill in the following information: - - **Sign-in page URL**: SSO endpoint from application configuration in Cloudflare Zero Trust. - - **Sign-out page URL**: `https://.cloudflareaccess.com/cdn-cgi/access/logout`, where `` is your Zero Trust team name. + - **Sign-in page URL**: SSO endpoint from application configuration in Cloudflare One. + - **Sign-out page URL**: `https://.cloudflareaccess.com/cdn-cgi/access/logout`, where `` is your Cloudflare One team name. - **Verification certificate**: Upload the `.crt` certificate file from step [2. Create a x.509 certificate](#2-create-a-x509-certificate). 5. (Optional) Turn on **Use a domain specific issuer**. If you select this option, Google will send an issuer specific to your Google Cloud domain (`google.com/a/` instead of the standard `google.com`). diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/google-workspace-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/google-workspace-saas.mdx index 044b3df9af69f9..f690af3468144e 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/google-workspace-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/google-workspace-saas.mdx @@ -8,7 +8,7 @@ sidebar: import { GlossaryTooltip } from "~/components"; -This guide covers how to configure [Google Workspace](https://support.google.com/a/topic/7579248?ref_topic=7556686&sjid=14539485562330725560-NA) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Google Workspace](https://support.google.com/a/topic/7579248?ref_topic=7556686&sjid=14539485562330725560-NA) as a SAML application in Cloudflare One. :::note @@ -18,16 +18,18 @@ The integration of Access as a single sign-on provider for your Google Workspace ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Google Workspace account -## 1. Create an application in Zero Trust +## 1. Create an application in Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Applications**. -2. Select **SaaS application**. +2. Select **Add an application**. -3. Fill in the following information: +3. Select **SaaS**. + +4. Fill in the following information: - **Application**: _Google_. - **Entity ID**: Use the value provided to you by Google when [configuring your SAML SSO provider](https://saml-doc.okta.com/SAML_Docs/How-to-Enable-SAML-2.0-in-Google-Apps.html). - **Assertion Consumer Service URL**: `https://www.google.com/a//acs`, where `` is your Google Workspace domain. @@ -38,11 +40,11 @@ The integration of Access as a single sign-on provider for your Google Workspace When you put your Google Workspace behind Access, users will not be able to log in using [Google](/cloudflare-one/integrations/identity-providers/google/) or [Google Workspace](/cloudflare-one/integrations/identity-providers/google-workspace/) as an identity provider. To secure Google Workspace behind Access and avoid an [authentication loop](/cloudflare-one/faq/troubleshooting/#after-putting-google-workspace-behind-access-i-cant-log-in-it-keeps-redirecting-between-access-and-google-without-ever-completing-authentication), you must configure a different identity provider (not Google or Google Workspace) for authentication. ::: -4. [Create an Access policy](/cloudflare-one/access-controls/policies/) for your application. For example, you could allow users with an `@your_domain.com` email address. +5. [Create an Access policy](/cloudflare-one/access-controls/policies/) for your application. For example, you could allow users with an `@your_domain.com` email address. -5. Copy the **SSO endpoint**, **Access Entity ID or Issuer**, and **Public key**. These values will be used to configure Google Workspace. +6. Copy the **SSO endpoint**, **Access Entity ID or Issuer**, and **Public key**. These values will be used to configure Google Workspace. -6. Save the application. +7. Save the application. ## 2. Create a certificate from your public key @@ -65,8 +67,8 @@ When you put your Google Workspace behind Access, users will not be able to log 3. Select **Third-party SSO profile for your organization**. 4. Enable **Set up SSO with third-party identity provider**. 5. Fill in the following information: - - **Sign-in page URL**: Copy and then paste your **SSO endpoint** from Zero Trust. - - **Sign-out page URL**: `https://.cloudflareaccess.com/cdn-cgi/access/logout`, where `` is your Zero Trust team name. + - **Sign-in page URL**: Copy and then paste your **SSO endpoint** from Cloudflare One. + - **Sign-out page URL**: `https://.cloudflareaccess.com/cdn-cgi/access/logout`, where `` is your Cloudflare One team name. - **Verification certificate**: Upload the certificate file containing your public key. 6. (Optional) Enable **Use a domain specific issuer**. If you select this option, Google will send an issuer specific to your Google Workspace domain (`google.com/a/` instead of the standard `google.com`). diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/grafana-cloud-saas-oidc.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/grafana-cloud-saas-oidc.mdx index bfbbc0d9b8cd18..23f782947fed5f 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/grafana-cloud-saas-oidc.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/grafana-cloud-saas-oidc.mdx @@ -6,38 +6,39 @@ sidebar: order: 14 --- -This guide covers how to configure [Grafana Cloud](https://grafana.com/docs/grafana-cloud/account-management/authentication-and-permissions/authorization/#configure-oauth-20-with-generic-oauth) as an OIDC application in Cloudflare Zero Trust. +This guide covers how to configure [Grafana Cloud](https://grafana.com/docs/grafana-cloud/account-management/authentication-and-permissions/authorization/#configure-oauth-20-with-generic-oauth) as an OIDC application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Grafana Cloud account -## 1. Add a SaaS application to Cloudflare Zero Trust - -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. -2. Select **SaaS**. -3. For **Application**, enter `Grafana Cloud` and select the corresponding textbox that appears. -4. For the authentication protocol, select **OIDC**. -5. Select **Add application**. -6. In **Scopes**, select the attributes that you want Access to send in the ID token. -7. In **Redirect URLs**, enter `https:///login/generic_oauth`. -8. (Optional) Enable [Proof of Key Exchange (PKCE)](https://www.oauth.com/oauth2-servers/pkce/) if the protocol is supported by your IdP. PKCE will be performed on all login attempts. -9. Copy the **Client secret**, **Client ID**, **Token endpoint**, and **Authorization endpoint**. -10. Configure [Access policies](/cloudflare-one/access-controls/policies/) for the application. -11. (Optional) In **Experience settings**, configure [App Launcher settings](/cloudflare-one/access-controls/access-settings/app-launcher/) by turning on **Enable App in App Launcher** and, in **App Launcher URL**, entering `https:///login`. -12. Save the application. +## 1. Add a SaaS application to Cloudflare One + +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. +2. Select **Add an application**. +3. Select **SaaS**. +4. For **Application**, enter `Grafana Cloud` and select the corresponding textbox that appears. +5. For the authentication protocol, select **OIDC**. +6. Select **Add application**. +7. In **Scopes**, select the attributes that you want Access to send in the ID token. +8. In **Redirect URLs**, enter `https:///login/generic_oauth`. +9. (Optional) Enable [Proof of Key Exchange (PKCE)](https://www.oauth.com/oauth2-servers/pkce/) if the protocol is supported by your IdP. PKCE will be performed on all login attempts. +10. Copy the **Client secret**, **Client ID**, **Token endpoint**, and **Authorization endpoint**. +11. Configure [Access policies](/cloudflare-one/access-controls/policies/) for the application. +12. (Optional) In **Experience settings**, configure [App Launcher settings](/cloudflare-one/access-controls/access-settings/app-launcher/) by turning on **Enable App in App Launcher** and, in **App Launcher URL**, entering `https:///login`. +13. Save the application. ## 2. Add a SSO provider to Grafana Cloud 1. In Grafana Cloud, select the **menu** icon > **Administration** > **Authentication** > **Generic OAuth**. 2. (Optional) For **Display name**, enter a new display name (for example, `Cloudflare Access`). Users will select **Sign in with (display name)** when signing in via SSO. 3. Fill in the following fields: - - **Client Id**: Client ID from application configuration in Cloudflare Zero Trust - - **Client secret**: Client secret from application configuration in Cloudflare Zero Trust - - **Scopes**: Delete `user:email` and enter the scopes configured in Cloudflare Zero Trust - - **Auth URL**: Authorization endpoint from application configuration in Cloudflare Zero Trust - - **Token URL**: Token endpoint from application configuration in Cloudflare Zero Trust + - **Client Id**: Client ID from application configuration in Cloudflare One + - **Client secret**: Client secret from application configuration in Cloudflare One + - **Scopes**: Delete `user:email` and enter the scopes configured in Cloudflare One + - **Auth URL**: Authorization endpoint from application configuration in Cloudflare One + - **Token URL**: Token endpoint from application configuration in Cloudflare One 4. Select **Save**. ## 3. Test the integration diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/grafana-saas-oidc.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/grafana-saas-oidc.mdx index b2a0fbad297b00..0dc0819f6c4cbe 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/grafana-saas-oidc.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/grafana-saas-oidc.mdx @@ -6,42 +6,43 @@ sidebar: order: 14 --- -This guide covers how to configure [Grafana](https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/generic-oauth/) as an OIDC application in Cloudflare Zero Trust. +This guide covers how to configure [Grafana](https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/generic-oauth/) as an OIDC application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Grafana account :::note You can also configure OIDC SSO for Grafana using a [configuration file](https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/generic-oauth/#configure-generic-oauth-authentication-client-using-the-grafana-configuration-file) instead of using Grafana's user interface (UI), as documented in this guide. ::: -## 1. Add a SaaS application to Cloudflare Zero Trust - -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. -2. Select **SaaS**. -3. For **Application**, select _Grafana_. -4. For the authentication protocol, select **OIDC**. -5. Select **Add application**. -6. In **Scopes**, select the attributes that you want Access to send in the ID token. -7. In **Redirect URLs**, enter `https:///login/generic_oauth`. -8. (Optional) Enable [Proof of Key Exchange (PKCE)](https://www.oauth.com/oauth2-servers/pkce/) if the protocol is supported by your IdP. PKCE will be performed on all login attempts. -9. Copy the **Client secret**, **Client ID**, **Token endpoint**, and **Authorization endpoint**. -10. Configure [Access policies](/cloudflare-one/access-controls/policies/) for the application. -11. (Optional) In **Experience settings**, configure [App Launcher settings](/cloudflare-one/access-controls/access-settings/app-launcher/) by turning on **Enable App in App Launcher** and, in **App Launcher URL**, entering `https:///login`. -12. Save the application. +## 1. Add a SaaS application to Cloudflare One + +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. +2. Select **Add an application**. +3. Select **SaaS**. +4. For **Application**, select _Grafana_. +5. For the authentication protocol, select **OIDC**. +6. Select **Add application**. +7. In **Scopes**, select the attributes that you want Access to send in the ID token. +8. In **Redirect URLs**, enter `https:///login/generic_oauth`. +9. (Optional) Enable [Proof of Key Exchange (PKCE)](https://www.oauth.com/oauth2-servers/pkce/) if the protocol is supported by your IdP. PKCE will be performed on all login attempts. +10. Copy the **Client secret**, **Client ID**, **Token endpoint**, and **Authorization endpoint**. +11. Configure [Access policies](/cloudflare-one/access-controls/policies/) for the application. +12. (Optional) In **Experience settings**, configure [App Launcher settings](/cloudflare-one/access-controls/access-settings/app-launcher/) by turning on **Enable App in App Launcher** and, in **App Launcher URL**, entering `https:///login`. +13. Save the application. ## 2. Add a SSO provider to Grafana 1. In Grafana, select the **menu** icon > **Administration** > **Authentication** > **Generic OAuth**. 2. (Optional) For **Display name**, enter a new display name (for example, `Cloudflare Access`). Users will select **Sign in with (display name)** when signing in via SSO. 3. Fill in the following fields: - - **Client Id**: Client ID from application configuration in Cloudflare Zero Trust - - **Client secret**: Client secret from application configuration in Cloudflare Zero Trust - - **Scopes**: Delete `user:email` and enter the scopes configured in Cloudflare Zero Trust - - **Auth URL**: Authorization endpoint from application configuration in Cloudflare Zero Trust - - **Token URL**: Token endpoint from application configuration in Cloudflare Zero Trust + - **Client Id**: Client ID from application configuration in Cloudflare One + - **Client secret**: Client secret from application configuration in Cloudflare One + - **Scopes**: Delete `user:email` and enter the scopes configured in Cloudflare One + - **Auth URL**: Authorization endpoint from application configuration in Cloudflare One + - **Token URL**: Token endpoint from application configuration in Cloudflare One 4. Select **Save**. ## 3. Test the integration diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/greenhouse-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/greenhouse-saas.mdx index bcb639434a7a38..8a0c17946d4e15 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/greenhouse-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/greenhouse-saas.mdx @@ -6,26 +6,26 @@ sidebar: order: 15 --- -This guide covers how to configure [Greenhouse Recruiting](https://support.greenhouse.io/hc/en-us/articles/360040753811-Configure-single-sign-on-SSO-for-Greenhouse-Recruiting) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Greenhouse Recruiting](https://support.greenhouse.io/hc/en-us/articles/360040753811-Configure-single-sign-on-SSO-for-Greenhouse-Recruiting) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to an Advanced or Expert Greenhouse Recruiting site -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS**. 3. For **Application**, enter `Greenhouse` and select the corresponding textbox that appears. 4. For the authentication protocol, select **SAML**. 5. Select **Add application**. 6. Copy the **SAML Metadata endpoint**. -7. Keep this window open. You will finish this configuration in step [4. Finish adding a SaaS application to Cloudflare Zero Trust](#4-finish-adding-a-saas-application-to-cloudflare-zero-trust). +7. Keep this window open. You will finish this configuration in step [4. Finish adding a SaaS application to Cloudflare One](#4-finish-adding-a-saas-application-to-cloudflare-one). ## 2. Download the metadata file -1. Paste the SAML Metadata endpoint from application configuration in Cloudflare Zero Trust in a web browser. +1. Paste the SAML Metadata endpoint from application configuration in Cloudflare One in a web browser. 2. Follow your browser-specific steps to download the URL's contents as an `.xml` file. ## 3. Add a SAML SSO provider to Greenhouse @@ -36,9 +36,9 @@ This guide covers how to configure [Greenhouse Recruiting](https://support.green 4. Change the **Entity ID** to `greenhouse.io`. 5. Keep this window open without selecting **Begin testing**. You will finish this configuration in step [5. Test the integration and finalize configuration](#5-test-the-integration-and-finalize-configuration). -## 4. Finish adding a SaaS application to Cloudflare Zero Trust +## 4. Finish adding a SaaS application to Cloudflare One -1. In your open Zero Trust window, fill in the following fields: +1. In your open Cloudflare One window, fill in the following fields: - **Entity ID**: `greenhouse.io` - **Assertion Consumer Service URL**: SSO Assertion Consumer URL from SSO configuration in Greenhouse Recruiting. - **Name ID format**: _Email_ diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/hubspot-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/hubspot-saas.mdx index e9316914b1bc35..6af8d3d4707eb4 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/hubspot-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/hubspot-saas.mdx @@ -6,11 +6,11 @@ sidebar: order: 16 --- -This guide covers how to configure [Hubspot](https://knowledge.hubspot.com/account-security/set-up-single-sign-on-sso) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Hubspot](https://knowledge.hubspot.com/account-security/set-up-single-sign-on-sso) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Hubspot Enterprise plan account ## 1. Configure Hubspot @@ -21,7 +21,7 @@ This guide covers how to configure [Hubspot](https://knowledge.hubspot.com/accou ## 2. Configure Cloudflare Access -1. In Zero Trust, go to **Access** > **Applications** and create a SaaS application. +1. In Cloudflare One, go to **Access controls** > **Applications** and create a SaaS application. 2. Set the **Application type** to _Hubspot_. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/ironclad-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/ironclad-saas.mdx index 561c72422d749e..b77b65e2ac3aa6 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/ironclad-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/ironclad-saas.mdx @@ -6,22 +6,22 @@ sidebar: order: 17 --- -This guide covers how to configure [Ironclad](https://support.ironcladapp.com/hc/articles/12286012625559-Set-Up-Generic-SSO-SAML-Integration) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Ironclad](https://support.ironcladapp.com/hc/articles/12286012625559-Set-Up-Generic-SSO-SAML-Integration) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Ironclad site -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS**. 3. For **Application**, enter `Ironclad` and select the corresponding textbox that appears. 4. For the authentication protocol, select **SAML**. 5. Select **Add application**. 6. Copy the **SSO Endpoint** and **Public key**. -7. Keep this window open. You will finish this configuration in step [3. Finish adding a SaaS application to Cloudflare Zero Trust](#3-finish-adding-a-saas-application-to-cloudflare-zero-trust). +7. Keep this window open. You will finish this configuration in step [3. Finish adding a SaaS application to Cloudflare One](#3-finish-adding-a-saas-application-to-cloudflare-one). ## 2. Add a SAML SSO provider to Ironclad @@ -29,13 +29,13 @@ This guide covers how to configure [Ironclad](https://support.ironcladapp.com/hc 2. Select **Add SAML Configuration** > **Show Additional IdP Settings**. 3. Copy the **Callback** value. 4. Fill in the following fields: - - **Entry Point**: SSO endpoint from application configuration in Cloudflare Zero Trust. - - **Identity Provider Certificate**: Public key from application configuration in Cloudflare Zero Trust. The key will automatically be wrapped in `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`. + - **Entry Point**: SSO endpoint from application configuration in Cloudflare One. + - **Identity Provider Certificate**: Public key from application configuration in Cloudflare One. The key will automatically be wrapped in `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`. 5. Select **Save**. -## 3. Finish adding a SaaS application to Cloudflare Zero Trust +## 3. Finish adding a SaaS application to Cloudflare One -1. In your open Zero Trust window, fill in the following fields: +1. In your open Cloudflare One window, fill in the following fields: - **Entity ID**: `ironcladapp.com` - **Assertion Consumer Service URL**: Callback from Ironclad SAML SSO set-up. - **Name ID format**: _Email_ diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/jamf-pro-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/jamf-pro-saas.mdx index f8d6584342dde3..1811acbc3b0b57 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/jamf-pro-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/jamf-pro-saas.mdx @@ -6,11 +6,11 @@ sidebar: order: 18 --- -This guide covers how to configure [Jamf Pro](https://learn.jamf.com/en-US/bundle/jamf-pro-documentation-current/page/Single_Sign-On.html) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Jamf Pro](https://learn.jamf.com/en-US/bundle/jamf-pro-documentation-current/page/Single_Sign-On.html) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Jamf Pro account ## 1. Collect Jamf Pro information @@ -20,9 +20,9 @@ This guide covers how to configure [Jamf Pro](https://learn.jamf.com/en-US/bundl 3. Paste the URL in a web browser to download the Jamf metadata file. 4. Open the `metadata.xml` file in a text editor, and copy the values for **Entity ID** and **Assertion Consumer Service**. -## 2. Add a SaaS application to Cloudflare Zero Trust +## 2. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS**. 3. For **Application**, enter `Jamf` or `Jamf Pro` and select the corresponding textbox that appears. 4. For the authentication protocol, select **SAML**. @@ -37,7 +37,7 @@ This guide covers how to configure [Jamf Pro](https://learn.jamf.com/en-US/bundl ## 3. Edit Access SAML Metadata -1. Paste the **SAML Metadata endpoint** from application configuration in Cloudflare Zero Trust into a browser. +1. Paste the **SAML Metadata endpoint** from application configuration in Cloudflare One into a browser. 2. Copy the file and paste it into a text editor. 3. Change `WantAuthnRequestsSigned="true"` to `WantAuthnRequestsSigned="false"`. 4. Set the file extension as `.xml` and save. @@ -49,7 +49,7 @@ This guide covers how to configure [Jamf Pro](https://learn.jamf.com/en-US/bundl 3. Label **Other provider** as `Cloudflare`. 4. Fill in the following fields: - **Entity ID**: Entity ID from Jamf Pro metadata file. - - **Identity Provider Metadata Source**: Select **Metadata File** and upload the `.xml` file from step [2. Edit Access SAML Metadata](#2-add-a-saas-application-to-cloudflare-zero-trust). + - **Identity Provider Metadata Source**: Select **Metadata File** and upload the `.xml` file from step [2. Edit Access SAML Metadata](#2-add-a-saas-application-to-cloudflare-one). - **Identity Provider User Mapping**: _Name ID_ - **Jamf Pro User Mapping**: _Email_ 5. Turn on **Single Sign On**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/miro-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/miro-saas.mdx index fcc9f19cd3da7c..da85770ccceb60 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/miro-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/miro-saas.mdx @@ -8,17 +8,17 @@ sidebar: import { Render, TabItem, Tabs } from "~/components"; -This guide covers how to configure [Miro](https://help.miro.com/hc/articles/360017571414-Single-sign-on-SSO) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Miro](https://help.miro.com/hc/articles/360017571414-Single-sign-on-SSO) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Miro Business or Enterprise plan account - A [verified domain](https://help.miro.com/hc/articles/360034831793-Domain-control) added to your Miro account (Enterprise plan), or be prepared to do so during SSO configuration (Business or Enterprise plan) -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS**. 3. For **Application**, enter `Miro` and select the corresponding textbox that appears. 4. For the authentication protocol, select **SAML**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/pagerduty-saml-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/pagerduty-saml-saas.mdx index 883e0328a0da23..22e4d5735c1735 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/pagerduty-saml-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/pagerduty-saml-saas.mdx @@ -6,16 +6,16 @@ sidebar: order: 20 --- -This guide covers how to configure [PagerDuty](https://support.pagerduty.com/docs/sso) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [PagerDuty](https://support.pagerduty.com/docs/sso) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a PagerDuty site -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS**. 3. For **Application**, select _PagerDuty_. 4. For the authentication protocol, select **SAML**. @@ -39,7 +39,7 @@ This guide covers how to configure [PagerDuty](https://support.pagerduty.com/doc 1. In PagerDuty, select your profile picture and go to **Account Settings** > **Single Sign-on**. 2. Turn on **SAML**. 3. In **X.509 Certificate**, paste the entire x.509 certificate from step [2. Create a x.509 certificate](#2-create-a-x509-certificate). -4. In **Login URL**, paste the SSO endpoint from application configuration in Cloudflare Zero Trust. +4. In **Login URL**, paste the SSO endpoint from application configuration in Cloudflare One. 5. Select **Save Changes**. ## 4. Test the integration and finalize SSO configuration diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/pingboard-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/pingboard-saas.mdx index 631038bc6d14d9..e797b03191a7d1 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/pingboard-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/pingboard-saas.mdx @@ -6,16 +6,16 @@ sidebar: order: 21 --- -This guide covers how to configure [Pingboard](https://support.pingboard.com/hc/en-us/articles/360046585994-Set-Up-a-Custom-SSO-Solution) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Pingboard](https://support.pingboard.com/hc/en-us/articles/360046585994-Set-Up-a-Custom-SSO-Solution) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Pingboard account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, enter `Pingboard` and select the corresponding textbox that appears. 4. For the authentication protocol, select **SAML**. @@ -32,7 +32,7 @@ This guide covers how to configure [Pingboard](https://support.pingboard.com/hc/ 1. In Pingboard, go to **Account** > **Add-Ons**. 2. Under **Third-Party Integrations**, select **Custom SSO**. -3. In a web browser, paste the SAML Metadata endpoint you copied from the application configuration in Cloudflare Zero Trust. Next, copy the contents of the displayed page. +3. In a web browser, paste the SAML Metadata endpoint you copied from the application configuration in Cloudflare One. Next, copy the contents of the displayed page. 4. In Pingboard, under **IdP Metadata**, paste the contents from the SAML Metadata endpoint. 5. (Optional) Under **Sign in with**, enter a name (for example, `Cloudflare Access`). Your users will select this name when signing in. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/salesforce-saas-oidc.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/salesforce-saas-oidc.mdx index ed1cde2a450878..bf903ea3156757 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/salesforce-saas-oidc.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/salesforce-saas-oidc.mdx @@ -8,17 +8,17 @@ sidebar: import { Render } from "~/components"; -This guide covers how to configure [Salesforce](https://help.salesforce.com/s/articleView?id=sf.sso_provider_openid_connect.htm&type=5) as an OpenID Connect (OIDC) application in Cloudflare Zero Trust. +This guide covers how to configure [Salesforce](https://help.salesforce.com/s/articleView?id=sf.sso_provider_openid_connect.htm&type=5) as an OpenID Connect (OIDC) application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Salesforce account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. -2. Select **SaaS**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. +2. Select **Add an application** > **SaaS**. 3. For **Application**, select _Salesforce_. 4. For the authentication protocol, select **OIDC**. 5. Select **Add application**. @@ -56,7 +56,7 @@ This guide covers how to configure [Salesforce](https://help.salesforce.com/s/ar ```txt https://.my.salesforce.com/services/authcallback/ ``` -11. In Zero Trust, paste the Callback URL into the **Redirect URL** field. +11. In Cloudflare One, paste the Callback URL into the **Redirect URL** field. To test the integration, open an incognito browser window and go to the **Test-Only Initialization URL** ( `https://.my.salesforce.com/services/auth/test/`) diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/salesforce-saas-saml.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/salesforce-saas-saml.mdx index 254815f0d4e349..d41945f5b86486 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/salesforce-saas-saml.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/salesforce-saas-saml.mdx @@ -4,22 +4,22 @@ title: Salesforce (SAML) reviewed: 2024-07-29 sidebar: order: 22 -description: Learn to configure Salesforce as a SAML app in Cloudflare Zero Trust. Follow step-by-step instructions for adding SaaS apps and enabling SSO. +description: Learn to configure Salesforce as a SAML app in Cloudflare One. Follow step-by-step instructions for adding SaaS apps and enabling SSO. --- import { Details, Render } from "~/components"; -This guide covers how to configure [Salesforce](https://help.salesforce.com/s/articleView?id=sf.sso_saml.htm&type=5) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Salesforce](https://help.salesforce.com/s/articleView?id=sf.sso_saml.htm&type=5) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Salesforce account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. -2. Select **SaaS**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. +2. Select **Add an application** > **SaaS**. 3. For **Application**, select _Salesforce_. 4. For the authentication protocol, select **SAML**. 5. Select **Add application**. @@ -50,7 +50,7 @@ If you are unsure of which URL to use in the **Entity ID** and **Assertion Consu 4. Fill in the following fields: - **Name:** Name of the SSO provider (for example, `Cloudflare Access`). Users will select this name when signing in to Salesforce. - **API name:** (this will pre-populate) - - **Issuer:** Paste the Access Entity ID or Issuer from application configuration in Cloudflare Zero Trust. + - **Issuer:** Paste the Access Entity ID or Issuer from application configuration in Cloudflare One. - **Identity Provider Certificate**: Upload the `.crt` certificate file from [2. Create a certificate file](#2-create-a-certificate-file). - **Entity ID**: `https://.my.salesforce.com` - **SAML Identity type:** If the user's Salesforce username is their email address, select _Assertion contains the User's Salesforce username_. Otherwise, select _Assertion contains the Federation ID from the User object_ and make sure the user's Federation ID matches their email address. @@ -60,8 +60,8 @@ If you are unsure of which URL to use in the **Entity ID** and **Assertion Consu the user. 3. Verify that the user's **Federation ID** matches the email address used to authenticate to Cloudflare Access. - - **Identity Provider Login URL**: SSO endpoint provided in Cloudflare Zero - Trust for this application. + - **Identity Provider Login URL**: SSO endpoint provided in Cloudflare One + for this application. 5. Select **Save**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/servicenow-saas-oidc.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/servicenow-saas-oidc.mdx index 71560831184cc4..61073119833a94 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/servicenow-saas-oidc.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/servicenow-saas-oidc.mdx @@ -6,17 +6,17 @@ sidebar: order: 23 --- -This guide covers how to configure [ServiceNow](https://docs.servicenow.com/bundle/washingtondc-platform-security/page/integrate/single-sign-on/task/create-OIDC-configuration-SSO.html) as an OIDC application in Cloudflare Zero Trust. +This guide covers how to configure [ServiceNow](https://docs.servicenow.com/bundle/washingtondc-platform-security/page/integrate/single-sign-on/task/create-OIDC-configuration-SSO.html) as an OIDC application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a ServiceNow account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. -2. Select **SaaS**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. +2. Select **Add an application** > **SaaS**. 3. For **Application**, enter `ServiceNow` and select the corresponding textbox that appears. 4. For the authentication protocol, select **OIDC**. 5. Select **Add application**. @@ -43,8 +43,8 @@ This guide covers how to configure [ServiceNow](https://docs.servicenow.com/bund 3. Select **New** > **OpenID Connect**. 4. In the pop-up, fill in the following fields: - **Name**: Name of the SSO (for example, `Cloudflare Access`). Unless otherwise configured, users will select this name when signing in to ServiceNow. - - **Client ID**: **Client ID** from application configuration in Cloudflare Zero Trust. - - **Client Secret**: **Client Secret** from application configuration in Cloudflare Zero Trust. + - **Client ID**: **Client ID** from application configuration in Cloudflare One. + - **Client Secret**: **Client Secret** from application configuration in Cloudflare One. - **Well Known Configuration URL**: `https://.cloudflareaccess.com/cdn-cgi/access/sso/oidc//.well-known/openid-configuration`. 5. Select **Import**. 6. Ensure **Active** is turned on diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/servicenow-saas-saml.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/servicenow-saas-saml.mdx index 978e5149593a30..0f12fe9a2da25b 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/servicenow-saas-saml.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/servicenow-saas-saml.mdx @@ -6,16 +6,16 @@ sidebar: order: 23 --- -This guide covers how to configure [ServiceNow](https://docs.servicenow.com/bundle/washingtondc-platform-security/page/integrate/single-sign-on/task/t_CreateASAML2Upd1SSOConfigMultiSSO.html) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [ServiceNow](https://docs.servicenow.com/bundle/washingtondc-platform-security/page/integrate/single-sign-on/task/t_CreateASAML2Upd1SSOConfigMultiSSO.html) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a ServiceNow account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, enter `ServiceNow` and select the corresponding textbox that appears. 4. For the authentication protocol, select **SAML**. @@ -42,7 +42,7 @@ This guide covers how to configure [ServiceNow](https://docs.servicenow.com/bund 2. In the search bar enter `Multi-Provider SSO`, and select **Identity Providers**. 3. Select **New** > **SAML**. 4. In the pop-up, ensure that **URL** is selected. -5. Paste the **SAML Metadata endpoint** from application configuration in Cloudflare Zero Trust in the empty field. +5. Paste the **SAML Metadata endpoint** from application configuration in Cloudflare One in the empty field. 6. Select **Import**. 7. (Optional) Change the **Name** field to a more recognizable name. 8. Turn off **Sign AuthnRequest**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/slack-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/slack-saas.mdx index 8ed2f68c20a632..99cc59f6edf213 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/slack-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/slack-saas.mdx @@ -8,16 +8,16 @@ sidebar: import { TabItem, Tabs } from "~/components"; -This guide covers how to configure [Slack](https://slack.com/help/articles/203772216-SAML-single-sign-on) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Slack](https://slack.com/help/articles/203772216-SAML-single-sign-on) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Slack Business+ or Enterprise Grid plan account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS**. 3. For **Application**, select _Slack_. 4. For the authentication protocol, select **SAML**. @@ -44,8 +44,8 @@ This guide covers how to configure [Slack](https://slack.com/help/articles/20377 3. Turn on **Test**. Configuration changes will not apply until **Configure** is turned on. 4. Fill in the following fields: - **Service Provider Issuer URL**: Ensure set to `https://slack.com`. - - **SAML SSO URL**: SSO endpoint from application configuration in Cloudflare Zero Trust. - - **Identity Provider Issuer**: Access Entity ID or Issuer from application configuration in Cloudflare Zero Trust. + - **SAML SSO URL**: SSO endpoint from application configuration in Cloudflare One. + - **Identity Provider Issuer**: Access Entity ID or Issuer from application configuration in Cloudflare One. - **Public Certificate**: Paste the entire x.509 certificate from step [2. Create a x.509 certificate](#2-create-a-x509-certificate). 5. Under **Advanced Options**, select **Expand**. 6. For **AuthnContextClassRef**, ensure _urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport_ is selected. @@ -62,8 +62,8 @@ This guide covers how to configure [Slack](https://slack.com/help/articles/20377 1. In Slack, go to **Settings & administration** > **Organization settings** > **Security** > **SSO Settings**. 2. For **SSO name**, enter your desired name. 3. Fill in the following fields: - - **SAML 2.0 Endpoint URL**: SSO endpoint from application configuration in Cloudflare Zero Trust. - - **Identity Provider Issuer URL**: Access Entity ID or Issuer from application configuration in Cloudflare Zero Trust. + - **SAML 2.0 Endpoint URL**: SSO endpoint from application configuration in Cloudflare One. + - **Identity Provider Issuer URL**: Access Entity ID or Issuer from application configuration in Cloudflare One. - **Service Provider Issuer URL**: Ensure set to `https://slack.com`. - **x.509 Certificate**: Paste the entire x.509 certificate from step [2. Create a x.509 certificate](#2-create-a-x509-certificate). 4. For **AuthnContextClassRef**, ensure _urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport_ is selected. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/smartsheet-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/smartsheet-saas.mdx index df37a6a74dd39b..499181eeff95ca 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/smartsheet-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/smartsheet-saas.mdx @@ -6,11 +6,11 @@ sidebar: order: 25 --- -This guide covers how to configure [Smartsheet](https://help.smartsheet.com/articles/2483123-domain-level-saml-configuration) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Smartsheet](https://help.smartsheet.com/articles/2483123-domain-level-saml-configuration) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Smartsheet Enterprise account - A [domain](https://help.smartsheet.com/articles/2483051-domain-management) verified in Smartsheet @@ -18,9 +18,9 @@ This guide covers how to configure [Smartsheet](https://help.smartsheet.com/arti In Smartsheet, SSO is configured for a domain. If you have multiple plans using the same domain, the SSO configuration will apply to all Smartsheet users in that domain, regardless of their plan type. ::: -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, enter `Smartsheet` and select the corresponding textbox that appears. 4. For the authentication protocol, select **SAML**. @@ -38,7 +38,7 @@ In Smartsheet, SSO is configured for a domain. If you have multiple plans using 1. In your Smartsheet Admin Center, go to **Settings** > **Authentication** > **Add a SAML IdP**. 2. In **Other IdP (Customize)**, select **Configure**. 3. Select **Next**. -4. Under **XML URL**, paste the SAML Metadata endpoint from application configuration in Cloudflare Zero Trust. +4. Under **XML URL**, paste the SAML Metadata endpoint from application configuration in Cloudflare One. 5. Under **Name SAML IdP**, enter a name (for example, `Cloudflare Access`). 6. Select **Save & Next**. 7. Select **Verify connection** and sign in via Access. If validation is successful, you will see a **SAML IdP Successfully Connected!** message. Close the configuration verification page. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/sparkpost-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/sparkpost-saas.mdx index 2d8ba4501fd955..2793a191a3f840 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/sparkpost-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/sparkpost-saas.mdx @@ -10,12 +10,12 @@ This guide covers how to configure [SparkPost or SparkPost EU](https://support.s ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a SparkPost or SparkPost EU account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, enter `SparkPost` and select the corresponding textbox that appears. 4. For the authentication protocol, select **SAML**. @@ -36,7 +36,7 @@ This guide covers how to configure [SparkPost or SparkPost EU](https://support.s ## 2. Download the metadata file -1. Paste the SAML metadata endpoint from application configuration in Cloudflare Zero Trust in a web browser. +1. Paste the SAML metadata endpoint from application configuration in Cloudflare One in a web browser. 2. Follow your browser-specific steps to download the URL's contents as an `.xml` file. ## 3. Add a SAML SSO provider to SparkPost diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/tableau-saml-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/tableau-saml-saas.mdx index 06b1268461f356..512f07d79e5760 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/tableau-saml-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/tableau-saml-saas.mdx @@ -6,26 +6,26 @@ sidebar: order: 27 --- -This guide covers how to configure [Tableau Cloud](https://help.tableau.com/current/online/en-us/saml_config_site.htm) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Tableau Cloud](https://help.tableau.com/current/online/en-us/saml_config_site.htm) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Tableau Cloud site -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS**. 3. For **Application**, select _Tableau_. 4. For the authentication protocol, select **SAML**. 5. Select **Add application**. 6. Copy the **SAML Metadata endpoint**. -7. Keep this window open. You will finish this configuration in step [4. Finish adding a SaaS application to Cloudflare Zero Trust](#4-finish-adding-a-saas-application-to-cloudflare-zero-trust). +7. Keep this window open. You will finish this configuration in step [4. Finish adding a SaaS application to Cloudflare One](#4-finish-adding-a-saas-application-to-cloudflare-one). ## 2. Download the metadata file -1. Paste the SAML Metadata endpoint from application configuration in Cloudflare Zero Trust in a web browser. +1. Paste the SAML Metadata endpoint from application configuration in Cloudflare One in a web browser. 2. Follow your browser-specific steps to download the URL's contents as an `.xml` file. ## 3. Add a SAML SSO provider to Tableau Cloud @@ -38,9 +38,9 @@ This guide covers how to configure [Tableau Cloud](https://help.tableau.com/curr 6. (Optional) Choose whether users who are accessing embedded views will **Authenticate in a separate pop-up window** or **Authenticate using an inline frame**. 7. Select **Save Changes**. -## 4. Finish adding a SaaS application to Cloudflare Zero Trust +## 4. Finish adding a SaaS application to Cloudflare One -1. In your open Zero Trust window, fill in the following fields: +1. In your open Cloudflare One window, fill in the following fields: - **Entity ID**: Tableau Cloud entity ID from Tableau Cloud SAML SSO set-up. - **Assertion Consumer Service URL**: Tableau Cloud ACS URL from Tableau Cloud SAML SSO set-up. - **Name ID format**: _Email_ diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/workday-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/workday-saas.mdx index 7c90172a542d7d..ca2baa5a56581b 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/workday-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/workday-saas.mdx @@ -6,16 +6,16 @@ sidebar: order: 28 --- -This guide covers how to configure [Workday](https://doc.workday.com/admin-guide/en-us/authentication-and-security/authentication/saml/dan1370796470811.html?toc=1.5.1) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Workday](https://doc.workday.com/admin-guide/en-us/authentication-and-security/authentication/saml/dan1370796470811.html?toc=1.5.1) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Workday account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, enter `Workday` and select the corresponding textbox that appears. 4. For the authentication protocol, select **SAML**. @@ -30,7 +30,7 @@ This guide covers how to configure [Workday](https://doc.workday.com/admin-guide ## 2. Download the metadata file -1. Paste the SAML Metadata endpoint from application configuration in Cloudflare Zero Trust in a web browser. +1. Paste the SAML Metadata endpoint from application configuration in Cloudflare One in a web browser. 2. Follow your browser-specific steps to download the URL's contents as an `.xml` file. ## 3. Add a SAML SSO provider to Workday @@ -40,11 +40,11 @@ This guide covers how to configure [Workday](https://doc.workday.com/admin-guide 3. In the **SAML Identity Providers** table, select **+**. 4. Fill in the following fields: - **Identity Provider Name**: Your desired name for the identity provider (for example, `Cloudflare Access`) - - **Issuer**: Access Entity ID or Issuer from application configuration in Cloudflare Zero Trust - - **IdP SSO Service URL**: SSO endpoint from application configuration in Cloudflare Zero Trust + - **Issuer**: Access Entity ID or Issuer from application configuration in Cloudflare One + - **IdP SSO Service URL**: SSO endpoint from application configuration in Cloudflare One 5. Under **x509 Certificate**, select the menu icon > **Create x509 Public Key**. 6. Under **Name**, enter a unique name (for example, `access`). -7. Under **Certificate**, paste the Public key from application configuration in Cloudflare Zero Trust. +7. Under **Certificate**, paste the Public key from application configuration in Cloudflare One. 8. Select **OK**. 9. If you want to enable SP-initiated login (login initiated by going to your Workday URL), fill in the following fields: - **SP Initiated**: Turn on. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/zendesk-sso-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/zendesk-sso-saas.mdx index 15b7a8dbd25e3a..782e093d24843d 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/zendesk-sso-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/zendesk-sso-saas.mdx @@ -6,24 +6,24 @@ sidebar: order: 29 --- -This guide covers how to configure [Zendesk](https://support.zendesk.com/hc/en-us/articles/4408887505690-Enabling-SAML-single-sign-on#topic_u54_wc3_z2b) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Zendesk](https://support.zendesk.com/hc/en-us/articles/4408887505690-Enabling-SAML-single-sign-on#topic_u54_wc3_z2b) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to your Zendesk account ## Configure Zendesk and Cloudflare 1. Go to your Zendesk administrator dashboard, typically available at `.zendesk.com/admin/security/sso`. -2. In a separate tab or window, open [Zero Trust](https://one.dash.cloudflare.com), select your account, and go to **Access** > **Applications**. +2. In a separate tab or window, open [Cloudflare One](https://one.dash.cloudflare.com), select your account, and go to **Access controls** > **Applications**. 3. Select **Add an application**, then choose _SaaS_. -4. Input the following values in the Zero Trust application configuration: +4. Input the following values in the Cloudflare One application configuration: - | Zero Trust field | Value | + | Cloudflare One field | Value | | ---------------------------------- | ----------------------------------------------- | | **Entity ID** | `https://.zendesk.com` | | **Assertion Consumer Service URL** | contents of **SAML SSO URL** in Zendesk account | diff --git a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/zoom-saas.mdx b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/zoom-saas.mdx index 6aee21b46da033..c2f47e8d28be97 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/zoom-saas.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/http-apps/saas-apps/zoom-saas.mdx @@ -6,18 +6,18 @@ sidebar: order: 30 --- -This guide covers how to configure [Zoom](https://support.zoom.com/hc/en/article?id=zm_kb&sysparm_article=KB0060673) as a SAML application in Cloudflare Zero Trust. +This guide covers how to configure [Zoom](https://support.zoom.com/hc/en/article?id=zm_kb&sysparm_article=KB0060673) as a SAML application in Cloudflare One. ## Prerequisites -- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare Zero Trust +- An [identity provider](/cloudflare-one/integrations/identity-providers/) configured in Cloudflare One - Admin access to a Zoom Business, Education, or Enterprise account - An [associated domain](https://support.zoom.com/hc/en/article?id=zm_kb&sysparm_article=KB0066259) configured in your Zoom account - A [vanity URL](https://support.zoom.com/hc/en/article?id=zm_kb&sysparm_article=KB0061540) configured in your Zoom account -## 1. Add a SaaS application to Cloudflare Zero Trust +## 1. Add a SaaS application to Cloudflare One -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **SaaS** > **Select**. 3. For **Application**, select _Zoom_. 4. For the authentication protocol, select **SAML**. @@ -35,10 +35,10 @@ This guide covers how to configure [Zoom](https://support.zoom.com/hc/en/article 1. In Zoom, go to **Advanced** > **Single Sign-On**. 2. For **Vanity URL**, select the vanity URL you want to configure SSO for. 3. Fill out the following fields: - - **Sign in page URL**: SSO endpoint from application configuration in Cloudflare Zero Trust - - **Identity Provider Certificate**: Public key from application configuration in Cloudflare Zero Trust + - **Sign in page URL**: SSO endpoint from application configuration in Cloudflare One + - **Identity Provider Certificate**: Public key from application configuration in Cloudflare One - **Service Provider (SP) Entity ID**: `yourvanityurl.zoom.us` (no `https://`) - - **Issuer (DP Entity ID)**: Access Entity ID or Issuer from application configuration in Cloudflare Zero Trust + - **Issuer (DP Entity ID)**: Access Entity ID or Issuer from application configuration in Cloudflare One 4. For **Binding**, select _http-redirect_. 5. For **Signature Hash Algorithm**, ensure **SHA-256** is selected. 6. Under **Security**, turn off **Sign SAML request** and **Sign SAML logout request**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/non-http/browser-rendering.mdx b/src/content/docs/cloudflare-one/access-controls/applications/non-http/browser-rendering.mdx index 70bce452399e0b..d74fb3f82ffd63 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/non-http/browser-rendering.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/non-http/browser-rendering.mdx @@ -22,7 +22,7 @@ Cloudflare can render SSH, VNC, and RDP applications in a browser without the ne To turn on browser rendering for an SSH or VNC application: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Locate the SSH or VNC application you created when [connecting the server to Cloudflare](/cloudflare-one/networks/connectors/cloudflare-tunnel/use-cases/ssh/). Select **Configure**. 3. In the **Policies** tab, ensure that only **Allow** or **Block** policies are present. **Bypass** and **Service Auth** are not supported for browser-rendered applications. 4. Go to **Advanced settings** > **Browser rendering settings**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/non-http/cloudflared-authentication/automatic-cloudflared-authentication.mdx b/src/content/docs/cloudflare-one/access-controls/applications/non-http/cloudflared-authentication/automatic-cloudflared-authentication.mdx index 219b288bb671db..35c9e8106764fb 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/non-http/cloudflared-authentication/automatic-cloudflared-authentication.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/non-http/cloudflared-authentication/automatic-cloudflared-authentication.mdx @@ -14,7 +14,7 @@ Automatic `cloudflared` authentication allows users to skip this login page if t To enable automatic `cloudflared` authentication: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Locate your application and select **Configure**. 3. Go to **Advanced settings** > **Browser rendering settings**. 4. Turn on **Enable automatic cloudflared authentication**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/non-http/legacy-private-network-app.mdx b/src/content/docs/cloudflare-one/access-controls/applications/non-http/legacy-private-network-app.mdx index b7a9cf2ba68eb6..0c838d054e48fc 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/non-http/legacy-private-network-app.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/non-http/legacy-private-network-app.mdx @@ -14,7 +14,7 @@ You can configure a **Private Network** application to manage access to specific To create a private network application: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications** > **Add an application**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications** > **Add an application**. 2. Select **Private Network**. diff --git a/src/content/docs/cloudflare-one/access-controls/applications/non-http/short-lived-certificates-legacy.mdx b/src/content/docs/cloudflare-one/access-controls/applications/non-http/short-lived-certificates-legacy.mdx index c153859d4b8cc9..e37cc5cc39ac26 100644 --- a/src/content/docs/cloudflare-one/access-controls/applications/non-http/short-lived-certificates-legacy.mdx +++ b/src/content/docs/cloudflare-one/access-controls/applications/non-http/short-lived-certificates-legacy.mdx @@ -39,13 +39,15 @@ Cloudflare Access will take the identity from a token and, using short-lived cer ## 3. Generate a short-lived certificate public key -1. In Zero Trust, go to **Access** > **Service auth** > **SSH**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Service credentials**. -2. In the **Application** dropdown, choose the Access application that represents your SSH server. +2. Go to the **SSH** tab. -3. Select **Generate certificate**. A row will appear with a public key scoped to your application. +3. In the **Application** dropdown, choose the Access application that represents your SSH server. -4. Save the key or keep it somewhere convenient for configuring your server. +4. Select **Generate certificate**. A row will appear with a public key scoped to your application. + +5. Save the key or keep it somewhere convenient for configuring your server. You can return to copy this public key any time in the Service Auth dashboard. ## 4. Save your public key diff --git a/src/content/docs/cloudflare-one/cloud-and-saas-findings/casb-dlp.mdx b/src/content/docs/cloudflare-one/cloud-and-saas-findings/casb-dlp.mdx index 7a9aadbf009d09..7693efbe6bc15b 100644 --- a/src/content/docs/cloudflare-one/cloud-and-saas-findings/casb-dlp.mdx +++ b/src/content/docs/cloudflare-one/cloud-and-saas-findings/casb-dlp.mdx @@ -42,8 +42,8 @@ For more information, refer to [Configure a DLP profile](/cloudflare-one/data-lo ### Add a new integration -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**. -2. Select **Add integration** and choose a [supported integration](#supported-integrations). +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Cloud & SaaS findings** > **Integrations**. +2. Select **Connect an integration** and choose a [supported integration](#supported-integrations). 3. During the setup process, you will be prompted to select DLP profiles for the integration. 4. Select **Save integration**. @@ -51,7 +51,7 @@ CASB will scan every publicly accessible file in the integration for text that m ### Modify an existing integration -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Cloud & SaaS findings** > **Integrations**. 2. Choose a [supported integration](#supported-integrations) and select **Configure**. 3. Under **DLP profiles**, select the profiles that you want the integration to scan for. 4. Select **Save integration**. diff --git a/src/content/docs/cloudflare-one/cloud-and-saas-findings/manage-findings.mdx b/src/content/docs/cloudflare-one/cloud-and-saas-findings/manage-findings.mdx index 50608acd3474f3..d03c81ffcdd1fb 100644 --- a/src/content/docs/cloudflare-one/cloud-and-saas-findings/manage-findings.mdx +++ b/src/content/docs/cloudflare-one/cloud-and-saas-findings/manage-findings.mdx @@ -10,11 +10,11 @@ head: import { TabItem, Tabs, Details } from "~/components"; -Findings are security issues detected within SaaS and cloud applications that involve users, data at rest, and other configuration settings. With Cloudflare CASB, you can review a comprehensive list of findings in Zero Trust and immediately start taking action on the issues found. +Findings are security issues detected within SaaS and cloud applications that involve users, data at rest, and other configuration settings. With Cloudflare CASB, you can review a comprehensive list of findings in Cloudflare One and immediately start taking action on the issues found. ## Prerequisites -- You have added a [CASB integration](/cloudflare-one/integrations/cloud-and-saas/). +- You have added a [Cloud and SaaS integration](/cloudflare-one/integrations/cloud-and-saas/). - Your scan has surfaced at least one security finding. ## Posture findings @@ -23,11 +23,11 @@ Posture findings include misconfigurations, unauthorized user activity, and othe To view details about the posture findings that CASB found: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Posture**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Cloud & SaaS findings** > **Posture Findings**. 2. Choose **SaaS** or **Cloud**. 3. To view details about a finding, select the finding's name -CASB will display details about your posture finding, including the finding type, [severity level](#severity-levels), number of instances, associated integration, current status, and date detected. For more information on each instance of the finding, select **Manage**. +Cloud & SaaS findings will display details about your posture finding, including the finding type, [severity level](#severity-levels), number of instances, associated integration, current status, and date detected. For more information on each instance of the finding, select **Manage**. To manage the finding's visibility, you can update the finding's [severity level](#severity-levels) or [hide the finding](#hide-findings) from view. Additionally, some findings provide a remediation guide to resolve the issue or support [creating a Gateway HTTP policy](#resolve-finding-with-a-gateway-policy) to block the traffic. @@ -46,7 +46,7 @@ Cloudflare CASB labels each finding with one of the following severity levels: You can change the severity level for a finding at any time in case the default assignment does not suit your environment: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Posture**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Cloud & SaaS findings** > **Posture Findings**. 2. Locate the finding you want to modify and select **Manage**. 3. In the severity level drop-down menu, choose your desired setting (_Critical_, _High_, _Medium_, or _Low_). @@ -58,11 +58,11 @@ Content findings include instances of potential data exposure as identified by [ To view details about the content findings that CASB found: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Content**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Cloud & SaaS findings** > **Content Findings**. 2. Choose **SaaS** or **Cloud**. 3. To view details about a finding, select the finding's name. -CASB will display details about your content finding, including the file name, a link to the file, matching DLP profiles, associated integration, and date detected. +Cloud & SaaS findings will display details about your content finding, including the file name, a link to the file, matching DLP profiles, associated integration, and date detected. AWS users can configure a [compute account](/cloudflare-one/integrations/cloud-and-saas/aws-s3/#compute-account) to scan for data security resources within their S3 resources. @@ -72,7 +72,7 @@ File findings for some integrations (such as [Microsoft 365](/cloudflare-one/int -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Posture**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Cloud & SaaS findings** > **Posture Findings**. 2. Choose **SaaS** or **Cloud**. 3. Locate the individual finding, then select **Manage**. 4. In **Active Instances**, select the file name. @@ -82,7 +82,7 @@ File findings for some integrations (such as [Microsoft 365](/cloudflare-one/int -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Content**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Cloud & SaaS findings** > **Content Findings**. 2. Choose **SaaS** or **Cloud**. 3. Select the file name of the detected asset. 4. In **Sharing details**, select the linked file instance. @@ -95,7 +95,7 @@ After reviewing your findings, you may decide that certain posture findings are ### Ignore a finding -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Posture**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Cloud & SaaS findings** > **Posture Findings**. 2. Locate the active finding you want to hide. 3. In the three-dot menu, select **Move to ignore**. @@ -103,7 +103,7 @@ The finding's status will change from **Active** to **Ignored**. CASB will conti ### Hide an instance of a finding -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Posture**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Cloud & SaaS findings** > **Posture Findings**. 2. Choose the active finding you want to hide, then select **Manage**. 3. In **Active**, find the instance you want to hide. 4. In the three-dot menu, select **Move to hidden**. @@ -129,7 +129,7 @@ CASB supports remediation for findings from the [Microsoft 365 integration](/clo Before you can remediate findings, [add a new integration](/cloudflare-one/integrations/cloud-and-saas/#add-an-integration) and choose _Read-Write mode_ during setup. Alternatively, you can update an existing integration: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Cloud & SaaS findings** > **Integrations**. 2. Choose your integration, then select **Configure**. 3. In **Integration permissions**, choose _Read-Write mode_. 4. Select **Update integration**. CASB will redirect you to your Microsoft 365 configuration. @@ -141,7 +141,7 @@ CASB can now remediate supported findings directly. To remediate a supported finding: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Posture Findings**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Cloud & SaaS findings** > **Posture Findings**. 2. Choose a supported finding type, then select **Manage**. 3. In **Active Instances**, select an instance. 4. In **Remediation details**, choose a remediation action to take. @@ -150,7 +150,7 @@ CASB will begin remediating the instance. ### Manage remediated findings -Remediated findings will appear in **CASB** > **Posture Findings** > **Remediated findings**. The status of the finding will change depending on what action CASB has taken: +Remediated findings will appear in **Cloud & SaaS findings** > **Posture Findings**. The status of the finding will change depending on what action CASB has taken: | Status | Description | | ---------- | --------------------------------------------------------------------------------------------------------------- | @@ -164,7 +164,7 @@ Remediated findings will appear in **CASB** > **Posture Findings** > **Remediate If the status is **Completed**, remediation succeeded. If the status is **Failed** or **Rejected**, remediation failed, and you can select the finding to take action again. -CASB will log remediation actions in **Logs** > **Admin**. For more information, refer to [Zero Trust Logs](/cloudflare-one/insights/logs/). +CASB will log remediation actions in **Logs** > **Admin**. For more information, refer to [Cloudflare One Logs](/cloudflare-one/insights/logs/). ## Resolve finding with a Gateway policy @@ -187,7 +187,7 @@ Ensure that you have [enabled HTTP filtering](/cloudflare-one/traffic-policies/i To create a Gateway policy directly from a CASB finding: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Posture** or **CASB** > **Content**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Cloud & SaaS findings** > **Posture Findings** or **Cloud & SaaS findings** > **Content Findings**. 2. Choose **SaaS** or **Cloud**. 3. Choose the finding you want to modify, then select **Manage**. 4. Find the instance you want to block and select its three-dot menu. diff --git a/src/content/docs/cloudflare-one/integrations/cloud-and-saas/aws-s3.mdx b/src/content/docs/cloudflare-one/integrations/cloud-and-saas/aws-s3.mdx index 66a4f73aa1e24e..3881db4254c7ef 100644 --- a/src/content/docs/cloudflare-one/integrations/cloud-and-saas/aws-s3.mdx +++ b/src/content/docs/cloudflare-one/integrations/cloud-and-saas/aws-s3.mdx @@ -46,7 +46,7 @@ You can only connect one computer account to an integration. To remove a compute Once your AWS compute account has successfully connected to your CASB integration, you can configure where and how to scan for sensitive data: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Cloud & SaaS integrations**. 2. Find and select your AWS integration. 3. Select **Create new configuration**. 4. In **Resources**, choose the buckets you want to scan. Select **Continue**. @@ -55,9 +55,9 @@ Once your AWS compute account has successfully connected to your CASB integratio 7. Select **Continue**. 8. Review the details of the scan, then select **Start scan**. -CASB will take up to an hour to begin scanning. To view the scan results, go to **CASB** > **Content** > **Cloud**. +CASB will take up to an hour to begin scanning. To view the scan results, go to **Cloud & SaaS findings** > **Content Findings**. -To manage your resources, go to **CASB** > **Integrations**, then find and select your AWS integration. From here, you can pause all or individual scans, add or remove resources, and change scan settings. +To manage your resources, go to **Integrations** > **Cloud & SaaS integrations**, then find and select your AWS integration. From here, you can pause all or individual scans, add or remove resources, and change scan settings. For more information, refer to [Content findings](/cloudflare-one/cloud-and-saas-findings/manage-findings/#content-findings). diff --git a/src/content/docs/cloudflare-one/integrations/cloud-and-saas/gcp-cloud-storage.mdx b/src/content/docs/cloudflare-one/integrations/cloud-and-saas/gcp-cloud-storage.mdx index 7e689e9c902d2f..278cbb94484811 100644 --- a/src/content/docs/cloudflare-one/integrations/cloud-and-saas/gcp-cloud-storage.mdx +++ b/src/content/docs/cloudflare-one/integrations/cloud-and-saas/gcp-cloud-storage.mdx @@ -39,7 +39,7 @@ You can connect a GCP compute account to your CASB integration to perform [Data To connect a compute account to your GCP integration: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Cloud & SaaS integrations**. 2. Find and select your GCP integration. 3. Select **Open connection instructions**. 4. Follow the instructions provided to connect a new compute account. @@ -51,7 +51,7 @@ You can only connect one compute account to an integration. To remove a compute Once your GCP compute account has successfully connected to your CASB integration, you can configure where and how to scan for sensitive data: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Cloud & SaaS integrations**. 2. Find and select your GCP integration. 3. Select **Create new configuration**. 4. In **Resources**, choose the buckets you want to scan. Select **Continue**. @@ -60,9 +60,9 @@ Once your GCP compute account has successfully connected to your CASB integratio 7. Select **Continue**. 8. Review the details of the scan, then select **Start scan**. -CASB will take up to one hour to begin scanning. To view the scan results, go to **CASB** > **Content** > **Cloud**. +CASB will take up to one hour to begin scanning. To view the scan results, go to **Cloud & SaaS findings** > **Content Findings**. -To manage your resources, go to **CASB** > **Integrations**, then find and select your GCP integration. From here, you can pause all or individual scans, add or remove resources, and change scan settings. +To manage your resources, go to **Cloud & SaaS findings** > **Integrations**, then find and select your GCP integration. From here, you can pause all or individual scans, add or remove resources, and change scan settings. For more information, refer to [Content findings](/cloudflare-one/cloud-and-saas-findings/manage-findings/#content-findings). diff --git a/src/content/docs/cloudflare-one/integrations/cloud-and-saas/troubleshooting/troubleshoot-compute-accounts.mdx b/src/content/docs/cloudflare-one/integrations/cloud-and-saas/troubleshooting/troubleshoot-compute-accounts.mdx index 3e8c43be0c6696..9176b4be281dc1 100644 --- a/src/content/docs/cloudflare-one/integrations/cloud-and-saas/troubleshooting/troubleshoot-compute-accounts.mdx +++ b/src/content/docs/cloudflare-one/integrations/cloud-and-saas/troubleshooting/troubleshoot-compute-accounts.mdx @@ -13,7 +13,7 @@ Cloudflare CASB detects when compute accounts are unhealthy or outdated. Common To identify unhealthy compute accounts: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Cloud & SaaS integrations**. 2. Choose the integration you created for cloud scanning. 3. Select **Manage compute accounts**. @@ -31,7 +31,7 @@ Upgrading a compute account applies the latest software features, bug fixes, and To upgrade a compute account: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Cloud & SaaS integrations**. 2. Choose the integration you created for cloud scanning. 3. Select **Open connection instructions**. 4. Follow the instructions provided to validate your local Terraform and CLI configuration. diff --git a/src/content/docs/cloudflare-one/integrations/cloud-and-saas/troubleshooting/troubleshoot-integrations.mdx b/src/content/docs/cloudflare-one/integrations/cloud-and-saas/troubleshooting/troubleshoot-integrations.mdx index 4f9e4f7394e3b8..718e6b9584713b 100644 --- a/src/content/docs/cloudflare-one/integrations/cloud-and-saas/troubleshooting/troubleshoot-integrations.mdx +++ b/src/content/docs/cloudflare-one/integrations/cloud-and-saas/troubleshooting/troubleshoot-integrations.mdx @@ -11,7 +11,7 @@ Common integration issues include changes to SaaS app or cloud environment confi ## Identify unhealthy or outdated integrations -To identify unhealthy CASB integrations, go to **CASB** > **Integrations**. If an integration is unhealthy, CASB will set its status to **Broken**. If an integration is outdated, CASB will set its status to **Upgrade**. +To identify unhealthy CASB integrations, go to **Integrations** > **Cloud & SaaS integrations**. If an integration is unhealthy, CASB will set its status to **Broken**. If an integration is outdated, CASB will set its status to **Upgrade**. ## Repair an unhealthy integration @@ -21,7 +21,7 @@ If CASB does not support self-service repairs for an integration, you will need You can repair unhealthy CASB integrations through your list of integrations or findings. -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Cloud & SaaS integrations**. 2. Choose your unhealthy integration. 3. Select **Reauthorize**. 4. In your SaaS app or cloud environment, reauthorize your account. @@ -30,7 +30,7 @@ You can repair unhealthy CASB integrations through your list of integrations or Upgrading an outdated integration will allow the integration to access new features and permissions. -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Cloud & SaaS integrations**. 2. Choose your outdated integration. 3. Select **Upgrade integration**. 4. In your SaaS app or cloud environment, upgrade your app and reauthorize your account.