diff --git a/src/content/docs/cloudflare-one/access-controls/access-settings/session-management.mdx b/src/content/docs/cloudflare-one/access-controls/access-settings/session-management.mdx
index 147adfc10a7ab9f..e2da4bce8ade61a 100644
--- a/src/content/docs/cloudflare-one/access-controls/access-settings/session-management.mdx
+++ b/src/content/docs/cloudflare-one/access-controls/access-settings/session-management.mdx
@@ -32,8 +32,8 @@ The global session duration determines how often Cloudflare Access prompts the u
To set the global session duration:
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**.
-2. Under **Global session timeout**, select **Edit**,
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Access settings**.
+2. Under **Set your global session duration**, select **Edit**,
3. Select the desired timeout duration from the dropdown menu.
4. Select **Save**.
@@ -47,7 +47,7 @@ By default, the policy session duration is equal to the [application session dur
To set the policy session duration:
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Policies**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Policies**.
2. Choose a policy and select **Configure**.
3. Select a **Session Duration** from the dropdown menu.
4. Save the policy.
@@ -60,7 +60,7 @@ The application session duration is the default [policy session duration](#polic
To set the application session duration:
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**.
2. Choose an application and select **Configure**.
3. Select a **Session Duration** from the dropdown menu.
4. Save the application.
@@ -123,7 +123,7 @@ Access provides two options for revoking user sessions: per-application and per-
To immediately terminate all active sessions for a specific application:
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**.
2. Locate the application for which you would like to revoke active sessions and select **Configure**.
@@ -139,11 +139,11 @@ If you want to permanently revoke a user's access:
1. Disable their account in your identity provider so that they cannot authenticate.
-2. In [Zero Trust](https://one.dash.cloudflare.com), go to **My Team** > **Users**.
+2. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Team & Resources** > **Users**.
3. Select the checkbox next to the user you want to revoke.
-4. Select **Action** > **Revoke access**.
+4. Select **Action** > **Revoke**.
The user will no longer be able to log in to any application protected by Access. The user will still count towards your seat subscription until you [remove the user](/cloudflare-one/team-and-resources/users/seat-management) from your account.
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/adfs.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/adfs.mdx
index 8e3bedb21ae8625..589770a7a0d385a 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/adfs.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/adfs.mdx
@@ -1,7 +1,7 @@
---
pcx_content_type: how-to
title: Active Directory (SAML)
-description: Integrate Active Directory with Cloudflare Zero Trust for secure identity management.
+description: Integrate Active Directory with Cloudflare One for secure identity management.
---
import { GlossaryTooltip } from "~/components";
@@ -9,7 +9,7 @@ import { GlossaryTooltip } from "~/components";
:::caution
Microsoft recommends migrating your Active Directory Federation Service (AD FS) SSO to Microsoft Entra ID. For more information, refer to [Microsoft Learn](https://learn.microsoft.com/windows-server/identity/ad-fs/ad-fs-overview).
-To set up the Microsoft Entra ID IdP integration with Zero Trust, refer to [Microsoft Entra ID](/cloudflare-one/integrations/identity-providers/entra-id/).
+To set up the Microsoft Entra ID IdP integration with Cloudflare One, refer to [Microsoft Entra ID](/cloudflare-one/integrations/identity-providers/entra-id/).
:::
Active Directory is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Active Directory integrates with Cloudflare Access using Security Assertion Markup Language (SAML).
@@ -65,7 +65,7 @@ To create a Relying Party Trust:
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) under **Settings** > **Team name**.
15. Select **Next**. The **Configure Identifiers** step displays.
@@ -170,15 +170,15 @@ To ensure that AD FS signs the full response when communicating with Cloudflare,
Set-ADFSRelyingPartyTrust -TargetName "Name of RPT Display Name" -SamlResponseSignature "MessageAndAssertion"
```
-## Configure Cloudflare Zero Trust
+## Configure Cloudflare One
-To enable Cloudflare Zero Trust to accept the claims and assertions sent from AD FS, follow these steps:
+To enable Cloudflare One to accept the claims and assertions sent from AD FS, follow these steps:
-1. In Zero Trust, go to **Settings** > **Authentication**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
-2. Under **Login methods**, select **Add new**.
+2. Under **Your identity providers**, select **Add new identity provider**.
-3. The **Add a SAML identity provider** card displays.
+3. Select **SAML**.
4. Enter an IdP **Name**.
@@ -190,7 +190,7 @@ To enable Cloudflare Zero Trust to accept the claims and assertions sent from AD
This is the default location. You can find your federation service identifier in AD FS.
-6. In the **IdP Entity ID or Issuer URL** field, enter your Zero Trust team domain and include this callback at the end of the path: `/cdn-cgi/access/callback`. For example:
+6. In the **IdP Entity ID or Issuer URL** field, enter your Cloudflare One team domain and include this callback at the end of the path: `/cdn-cgi/access/callback`. For example:
```txt
https://.cloudflareaccess.com/cdn-cgi/access/callback
@@ -202,7 +202,7 @@ To enable Cloudflare Zero Trust to accept the claims and assertions sent from AD
8. Select **Save**.
-To test that your connection is working, go to **Authentication** > **Login methods** and select **Test** next to the login method you want to test.
+To test that your connection is working, go to **Integrations** > **Identity providers** and select **Test** next to the identity provider you want to test.
## Download SP metadata (optional)
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/aws-saml.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/aws-saml.mdx
index b26853f228baeb2..2bbd7259233d819 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/aws-saml.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/aws-saml.mdx
@@ -25,9 +25,9 @@ To set up SAML with AWS IAM as your identity provider:
6. Select **Next**.
-7. Enter a **Display name** for the application (for example, `Cloudflare Zero Trust`).
+7. Enter a **Display name** for the application (for example, `Cloudflare One`).
-8. Download the **IAM Identity Center SAML metadata file**. You will need this file later when configuring the identity provider in Zero Trust.
+8. Download the **IAM Identity Center SAML metadata file**. You will need this file later when configuring the identity provider in Cloudflare One.
9. Under **Application metadata**, select **Manually type your metadata values**.
@@ -37,7 +37,7 @@ To set up SAML with AWS IAM as your identity provider:
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
-You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) under **Settings** > **Team name**.
11. Select **Submit**.
@@ -57,11 +57,11 @@ You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
15. Select **Save changes**.
-16. Under **Assign users and groups**, add individuals and/or groups that should be allowed to login to Zero Trust.
+16. Under **Assign users and groups**, add individuals and/or groups that should be allowed to login to Cloudflare One.
-17. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**.
+17. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
-18. Under **Login Methods**, select **Add new**.
+18. Under **Your identity providers**, select **Add new identity provider**.
19. Select **SAML**.
@@ -73,7 +73,7 @@ You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
23. Select **Save**.
-To [test](/cloudflare-one/integrations/identity-providers/#test-idps-in-zero-trust) that your connection is working, select **Test**.
+To [test](/cloudflare-one/integrations/identity-providers/#test-idps-in-cloudflare-one) that your connection is working, select **Test**.
## Example API configuration
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/awscognito-oidc.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/awscognito-oidc.mdx
index 583597fb9779189..114c00918411ee9 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/awscognito-oidc.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/awscognito-oidc.mdx
@@ -3,7 +3,7 @@ pcx_content_type: how-to
title: Amazon Cognito
---
-Amazon Cognito provides SSO identity management for end users of web and mobile apps. You can integrate Amazon Cognito as an OIDC identity provider for Cloudflare Zero Trust.
+Amazon Cognito provides SSO identity management for end users of web and mobile apps. You can integrate Amazon Cognito as an OIDC identity provider for Cloudflare One.
## Prerequisites
@@ -53,7 +53,7 @@ To retrieve those values:
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) under **Settings** > **Team name**.
2. Select **Identity providers** to use with this app client. At minimum, enable **Cognito user pool** as a provider.
@@ -69,9 +69,9 @@ To retrieve those values:
### 2. Add Amazon Cognito as an identity provider
-1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Authentication**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**.
-2. Under **Login methods**, select **Add new**.
+2. Under **Your identity providers**, select **Add new identity provider**.
3. Select **OpenID Connect**.
@@ -83,7 +83,7 @@ To retrieve those values:
7. Select **Save**.
-To [test](/cloudflare-one/integrations/identity-providers/#test-idps-in-zero-trust) that your connection is working, select **Test**.
+To [test](/cloudflare-one/integrations/identity-providers/#test-idps-in-cloudflare-one) that your connection is working, select **Test**.
## Example API Configuration
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/centrify-saml.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/centrify-saml.mdx
index 2b2d7b12f3dd6b9..c6e3c07173556dc 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/centrify-saml.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/centrify-saml.mdx
@@ -1,7 +1,7 @@
---
pcx_content_type: how-to
title: Centrify (SAML)
-description: Learn how to integrate Centrify as a SAML identity provider with Cloudflare Zero Trust.
+description: Learn how to integrate Centrify as a SAML identity provider with Cloudflare One.
---
Centrify secures access to infrastructure, DevOps, cloud, and other modern enterprise so you can prevent the number one cause of breaches: privileged access abuse.
@@ -35,7 +35,7 @@ Centrify secures access to infrastructure, DevOps, cloud, and other modern enter
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) under **Settings** > **Team name**.
11. Select **Save**.
@@ -59,11 +59,11 @@ Centrify secures access to infrastructure, DevOps, cloud, and other modern enter
20. Select the **Manual Configuration** option.
-### 2. Add Centrify to Zero Trust
+### 2. Add Centrify to Cloudflare One
-1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Authentication**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**.
-2. Under **Login methods**, select **Add new**.
+2. Under **Your identity providers**, select **Add new identity provider**.
3. Select **SAML**.
@@ -75,7 +75,7 @@ Centrify secures access to infrastructure, DevOps, cloud, and other modern enter
7. Select **Save**.
-To test that your connection is working, go to **Authentication** > **Login methods** and select **Test** next to the login method you want to test.
+To test that your connection is working, go to **Integrations** > **Identity providers** and select **Test** next to the identity provider you want to test.
## Download SP metadata (optional)
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/centrify.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/centrify.mdx
index f36f69c6dc8cdd8..267a0f08f46fd8d 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/centrify.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/centrify.mdx
@@ -39,7 +39,7 @@ Centrify secures access to infrastructure, DevOps, cloud, and other modern enter
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) under **Settings** > **Team name**.
@@ -56,11 +56,11 @@ Centrify secures access to infrastructure, DevOps, cloud, and other modern enter
16. Select the roles to grant access to your application.
-### 2. Add Centrify to Zero Trust
+### 2. Add Centrify to Cloudflare One
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
-2. Under **Login methods**, select **Add new**.
+2. Under **Your identity providers**, select **Add new identity provider**.
3. Paste in the **Client ID**, **Client Secret**, **Centrify account URL** and **Application ID**.
@@ -69,7 +69,7 @@ Centrify secures access to infrastructure, DevOps, cloud, and other modern enter
5. (Optional) Under **Optional configurations**, enter [custom OIDC claims](/cloudflare-one/integrations/identity-providers/generic-oidc/#custom-oidc-claims) that you wish to add to your users' identity.
6. Select **Save**.
-To test that your connection is working, go to **Authentication** > **Login methods** and select **Test** next to the login method you want to test.
+To test that your connection is working, go to **Integrations** > **Identity providers** and select **Test** next to the identity provider you want to test.
## Example API Config
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/citrixadc-saml.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/citrixadc-saml.mdx
index c6aaa613f55952e..0cc68e80af273f5 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/citrixadc-saml.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/citrixadc-saml.mdx
@@ -3,7 +3,7 @@ pcx_content_type: how-to
title: Citrix ADC (SAML)
---
-Cloudflare Zero Trust can integrate with Citrix ADC (formerly Citrix NetScaler ADC) as a SAML IdP. Documentation from Citrix shows you [how to configure Citrix ADC as a SAML IdP](https://docs.citrix.com/en-us/citrix-adc/12-1/aaa-tm/saml-authentication/citrix-adc-saml-idp.html). These steps are specific to Cloudflare Zero Trust.
+Cloudflare One can integrate with Citrix ADC (formerly Citrix NetScaler ADC) as a SAML IdP. Documentation from Citrix shows you [how to configure Citrix ADC as a SAML IdP](https://docs.citrix.com/en-us/citrix-adc/12-1/aaa-tm/saml-authentication/citrix-adc-saml-idp.html). These steps are specific to Cloudflare One.
## Set up Citrix ADC (SAML)
@@ -67,9 +67,9 @@ To set up Citrix ADC (SAML) as your identity provider:
bind authentication vserver nsidp -policy samlPol_CloudflareAccess
```
-3. In Zero Trust, go to **Settings** > **Authentication**.
+3. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
-4. Under **Login methods**, select **Add new**.
+4. Under **Your identity providers**, select **Add new identity provider**.
5. Configure the fields as follows:
@@ -83,4 +83,4 @@ To set up Citrix ADC (SAML) as your identity provider:
6. Select **Save**.
-To test that your connection is working, go to **Authentication** > **Login methods** and select **Test** next to the login method you want to test.
+To test that your connection is working, go to **Integrations** > **Identity providers** and select **Test** next to the identity provider you want to test.
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/entra-id.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/entra-id.mdx
index 2c1864ddb895197..3be83e1e27ce90b 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/entra-id.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/entra-id.mdx
@@ -5,7 +5,7 @@ title: Microsoft Entra ID
import { Render, Tabs, TabItem, APIRequest } from "~/components";
-You can integrate Microsoft Entra ID (formerly Azure Active Directory) with Cloudflare Zero Trust and build policies based on user identity and group membership. Users will authenticate to Zero Trust using their Entra ID credentials.
+You can integrate Microsoft Entra ID (formerly Azure Active Directory) with Cloudflare One and build policies based on user identity and group membership. Users will authenticate to Cloudflare One using their Entra ID credentials.
## Set up Entra ID as an identity provider
@@ -35,7 +35,7 @@ To retrieve those values:
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Custom Pages** to find your team name.
+ In [Cloudflare One](https://one.dash.cloudflare.com), go to **Settings** > **Team name** to find your team name.
@@ -90,9 +90,9 @@ More narrow permissions may be used, however this is the set of permissions that
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
-2. Under **Login methods**, select **Add new**.
+2. Under **Your identity providers**, select **Add new identity provider**.
3. Select **Azure AD**.
@@ -100,7 +100,7 @@ More narrow permissions may be used, however this is the set of permissions that
5. Select **Save**.
-6. To [test](/cloudflare-one/integrations/identity-providers/#test-idps-in-zero-trust) that your connection is working, select **Test**.
+6. To [test](/cloudflare-one/integrations/identity-providers/#test-idps-in-cloudflare-one) that your connection is working, select **Test**.
7. (Optional) Configure the following settings:
- **Proof Key for Code Exchange**: Perform [PKCE](https://www.oauth.com/oauth2-servers/pkce/) on all login attempts.
@@ -148,7 +148,7 @@ The following example requires Cloudflare provider version `4.40.0` or greater.
If your organization's UPNs do not match users' email addresses, you must add a custom claim for email. For example, if your organization's email format is `user@domain.com` but the UPN is `u908080@domain.com`, you must create an email claim if you are configuring email-based policies.
-By default, Cloudflare will first look for the unique claim name you created and configured in Zero Trust to represent email (for example, `email_identifier`) in the `id_token` JSON response. If you did not configure a unique claim name, Cloudflare will then look for an `email` claim. Last, if neither claim exists, Cloudflare will look for the UPN claim.
+By default, Cloudflare will first look for the unique claim name you created and configured in Cloudflare One to represent email (for example, `email_identifier`) in the `id_token` JSON response. If you did not configure a unique claim name, Cloudflare will then look for an `email` claim. Last, if neither claim exists, Cloudflare will look for the UPN claim.
To receive an email claim in the `id_token` from Microsoft Entra, you must:
@@ -159,9 +159,9 @@ To receive an email claim in the `id_token` from Microsoft Entra, you must:
The example above includes both a UPN claim and an email claim. Because an email claim was created in the Microsoft Entra configuration, Cloudflare will look for the `email` key-value pair in the JSON response.
-3. If you gave your email claim another name than `email`, you must update your configuration in Zero Trust:
+3. If you gave your email claim another name than `email`, you must update your configuration in Cloudflare One:
- a. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication** > **Azure AD** > **Edit**.
+ a. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers** > **Azure AD** > **Edit**.
b. Under **Optional configurations** > **Email claim**, enter the name of the claim representing your organization's email addresses.
@@ -177,7 +177,7 @@ The Microsoft Entra ID integration allows you to synchronize IdP groups and auto
- Microsoft Entra ID P1 or P2 license
-### 1. Enable SCIM in Zero Trust
+### 1. Enable SCIM in Cloudflare One
select **New Configuration**.
-6. In the **Tenant URL** field, enter the **SCIM Endpoint** obtained from your Entra ID integration in Zero Trust [in the previous step](/cloudflare-one/integrations/identity-providers/entra-id/#1-enable-scim-in-zero-trust).
+6. In the **Tenant URL** field, enter the **SCIM Endpoint** obtained from your Entra ID integration in Cloudflare One [in the previous step](/cloudflare-one/integrations/identity-providers/entra-id/#1-enable-scim-in-zero-trust).
-7. In the **Secret token** field, enter the **SCIM Secret** obtained from your Entra ID integration in Zero Trust [in the previous step](/cloudflare-one/integrations/identity-providers/entra-id/#1-enable-scim-in-zero-trust).
+7. In the **Secret token** field, enter the **SCIM Secret** obtained from your Entra ID integration in Cloudflare One [in the previous step](/cloudflare-one/integrations/identity-providers/entra-id/#1-enable-scim-in-zero-trust).
-8. Select **Test Connection** to ensure that the credentials were entered correctly. If the test fails, go to your Entra ID integration in Zero Trust, select **Regenerate Secret**, select **Save**, and enter your new **SCIM Secret** in the **Secret token** field.
+8. Select **Test Connection** to ensure that the credentials were entered correctly. If the test fails, go to your Entra ID integration in Cloudflare One, select **Regenerate Secret**, select **Save**, and enter your new **SCIM Secret** in the **Secret token** field.
9. Select **Create**.
@@ -225,7 +225,7 @@ To check which users and groups were synchronized, select **Provisioning logs**.
-To monitor the exchange of identity details between Cloudflare Access and Microsoft Entra ID, go to [Zero Trust](https://one.dash.cloudflare.com) > **Logs** > **SCIM provisioning** and view the [SCIM activity logs](/cloudflare-one/insights/logs/scim-logs/).
+To monitor the exchange of identity details between Cloudflare Access and Microsoft Entra ID, go to [Cloudflare One](https://one.dash.cloudflare.com) > **Insights** > **Logs** > **SCIM provisioning logs** and view the [SCIM activity logs](/cloudflare-one/insights/logs/scim-logs/).
### Provisioning attributes
@@ -235,8 +235,8 @@ If not already configured, Cloudflare recommends enabling the following user att
| customappsso Attribute | Entra ID Attribute | Recommendation |
| ------------------------------ | ------------------ | -------------- |
-| `userName` | `userPrincipalName` or `mail` | Required. Must match the user's email address in Zero Trust. |
-| `emails[type eq "work"].value` | `mail` | Required. Must match the user's email address in Zero Trust. |
+| `userName` | `userPrincipalName` or `mail` | Required. Must match the user's email address in Cloudflare One. |
+| `emails[type eq "work"].value` | `mail` | Required. Must match the user's email address in Cloudflare One. |
| `name.givenName` | `givenName` | Recommended |
| `name.familyName` | `surname` | Recommended |
@@ -255,7 +255,7 @@ If building a Gateway policy, choose the [_User Group Names_](/cloudflare-one/tr
You can create Access and Gateway policies for groups that are not synchronized with SCIM. Entra ID exposes directory groups in a format that consists of random strings, the `Object Id`, that is distinct from the `Name`.
-1. Make sure you enable **Support groups** as you set up Microsoft Entra ID in Zero Trust.
+1. Make sure you enable **Support groups** as you set up Microsoft Entra ID in Cloudflare One.
2. In your Microsoft Entra dashboard, note the `Object Id` for the Entra group. In the example below, the group named Admins has an ID of `61503835-b6fe-4630-af88-de551dd59a2`.
@@ -265,7 +265,7 @@ You can create Access and Gateway policies for groups that are not synchronized
4. In the **Value** field, enter the `Object Id` for the Entra group.
- 
+ 
### Nested groups
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/facebook-login.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/facebook-login.mdx
index 384e37f05b553c0..f09b027608ceb46 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/facebook-login.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/facebook-login.mdx
@@ -33,9 +33,9 @@ Use these steps to set up Facebook as your identity provider.
-14. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**.
+14. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
-15. Under **Login methods**, select **Add new**.
+15. Under **Your identity providers**, select **Add new identity provider**.
16. Fill in the **App ID** and **App Secret** obtained from Facebook.
@@ -53,11 +53,11 @@ Use these steps to set up Facebook as your identity provider.
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) under **Settings** > **Team name**.
22. Select **Save Changes**.
-To test that your connection is working, follow the steps on [SSO Integration](/cloudflare-one/integrations/identity-providers/#test-idps-in-zero-trust).
+To test that your connection is working, follow the steps on [SSO Integration](/cloudflare-one/integrations/identity-providers/#test-idps-in-cloudflare-one).
## Example API Configuration
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/generic-oidc.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/generic-oidc.mdx
index e7cdeaf1b13e587..c53f443e93d5fea 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/generic-oidc.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/generic-oidc.mdx
@@ -19,7 +19,7 @@ Cloudflare Access has a generic OpenID Connect (OIDC) connector to help you inte
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) under **Settings** > **Team name**.
3. Copy the content of these fields:
- Client ID
@@ -30,13 +30,13 @@ Cloudflare Access has a generic OpenID Connect (OIDC) connector to help you inte
You can find these values on your identity provider's **OIDC discovery endpoint**. Some providers call this the "well-known URL".
-## 2. Add an OIDC provider to Zero Trust
+## 2. Add an OIDC provider to Cloudflare One
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
-2. Under **Login methods**, select **Add new**.
+2. Under **Your identity providers**, select **Add new identity provider**.
3. Choose **OpenID Connect**.
@@ -114,7 +114,7 @@ The generic OIDC integration allows you to synchronize user groups and automatic
Your identity provider must support SCIM version 2.0.
-### 1. Enable SCIM in Zero Trust
+### 1. Enable SCIM in Cloudflare One
**Authentication**.
-3. Under **Login methods**, find your identity provider and select **Edit**.
+2. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
+3. Under **Your identity providers**, find your identity provider and select **Edit**.
4. Under **OIDC Claims**, enter the name of your custom claim (for example, `oid`).
5. Select **Save**.
6. Select **Test** and verify that the custom claim appears in `oidc_fields`. For example,
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/generic-saml.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/generic-saml.mdx
index c71d098ce7e11a3..3725d25e547b622 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/generic-saml.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/generic-saml.mdx
@@ -7,7 +7,7 @@ sidebar:
import { Tabs, TabItem, Render } from "~/components";
-Cloudflare Zero Trust integrates with any identity provider that supports SAML 2.0. If your identity provider is not listed in the integration list of login methods in Zero Trust, it can be configured using SAML 2.0 (or OpenID if OIDC based). Generic SAML can also be used if you would like to pass additional SAML headers or claims for an IdP in the integration list.
+Cloudflare One integrates with any identity provider that supports SAML 2.0. If your identity provider is not listed in the integration list of login methods in Cloudflare One, it can be configured using SAML 2.0 (or OpenID if OIDC based). Generic SAML can also be used if you would like to pass additional SAML headers or claims for an IdP in the integration list.
## Prerequisites
@@ -28,7 +28,7 @@ The typical setup requirements are:
```txt
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) under **Settings** > **Team name**.
3. Set the **Name ID/Email format** to `emailAddress`.
4. (Optional) Set the signature policy to _Always Sign_.
@@ -41,12 +41,12 @@ If your identity provider supports metadata file configuration, you can use the
To download the SAML metadata file, copy-paste the metadata endpoint into a web browser and save the page as an `.xml` file. Upload this XML file to the identity provider.
-## 2. Add a SAML identity provider to Zero Trust
+## 2. Add a SAML identity provider to Cloudflare One
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication** > **Login methods**.
-2. Select **Add new** and select **SAML**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
+2. Select **Add new identity provider** and select **SAML**.
3. Choose a descriptive name for your identity provider.
4. Enter the **Single Sign on URL**, **IdP Entity ID or Issuer URL**, and **Signing certificate** obtained from your identity provider.
5. (Optional) To enable SCIM, refer to [Synchronize users and groups](#synchronize-users-and-groups).
@@ -86,7 +86,7 @@ Set a reminder for the expiry date of the signing certificate obtained from your
## 3. Test the connection
-You can now [test the IdP integration](/cloudflare-one/integrations/identity-providers/#test-idps-in-zero-trust). A success response should return the configured SAML attributes.
+You can now [test the IdP integration](/cloudflare-one/integrations/identity-providers/#test-idps-in-cloudflare-one). A success response should return the configured SAML attributes.
## Synchronize users and groups
@@ -96,7 +96,7 @@ The generic SAML integration allows you to synchronize user groups and automatic
Your identity provider must support SCIM version 2.0.
-### 1. Enable SCIM in Zero Trust
+### 1. Enable SCIM in Cloudflare One
.cloudflareaccess.com
```
- You can find your team name in [Zero Trust](https://one.dash.cloudflare.com) by going to **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) by going to **Settings** > **Team name**.
6. In the GitHub **Authorization callback URL** field, enter the following URL:
@@ -35,9 +35,9 @@ To configure GitHub access in both GitHub and Cloudflare Zero Trust:
8. Find the **Client ID** and **Client Secret**.
-9. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**.
+9. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
-10. Under **Login methods**, select **Add new**.
+10. Select **Add new identity provider** and select **GitHub**.
11. Choose **GitHub** on the next page.
@@ -45,7 +45,7 @@ To configure GitHub access in both GitHub and Cloudflare Zero Trust:
13. Select **Save**.
-To test that your connection is working, go to [Zero Trust](https://one.dash.cloudflare.com) > **Authentication** > **Login methods** and select **Test** next to your GitHub login method.
+To test that your connection is working, go to [Cloudflare One](https://one.dash.cloudflare.com) > **Integrations** > **Identity providers** and select **Test** next to your GitHub login method.
If you have GitHub two-factor authentication enabled, you will need to first login to GitHub directly and return to Access.
## Example API Configuration
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/google-workspace.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/google-workspace.mdx
index 12005893a3c6272..dbaca2e2ad3fd9d 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/google-workspace.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/google-workspace.mdx
@@ -14,7 +14,7 @@ You can integrate a Google Workspace (formerly G Suite) account with Cloudflare
Once integrated, users will log in with their Google Workspace credentials to reach resources protected by Cloudflare Access or to enroll their device into Cloudflare Gateway.
-You do not need to be a Google Cloud Platform user to integrate Google Workspace as an identity provider with Cloudflare Zero Trust. You will only need to open the Google Cloud Platform to configure IdP integration settings.
+You do not need to be a Google Cloud Platform user to integrate Google Workspace as an identity provider with Cloudflare One. You will only need to open the Google Cloud Platform to configure IdP integration settings.
## Set up Google Workspace as an identity provider
@@ -57,7 +57,7 @@ You do not need to be a Google Cloud Platform user to integrate Google Workspace
https://.cloudflareaccess.com
```
- You can find your team name in [Zero Trust](https://one.dash.cloudflare.com/) under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com/) under **Settings** > **Team name**.
12. Under **Authorized redirect URIs**, in the **URIs** field, enter the following URL:
@@ -75,11 +75,11 @@ You do not need to be a Google Cloud Platform user to integrate Google Workspace
-### 2. Add Google Workspace to Zero Trust
+### 2. Add Google Workspace to Cloudflare One
-1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Authentication**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**.
-2. Under **Login methods**, select **Add new** and choose **Google Workspace**.
+2. Select **Add new identity provider** and select **Google Workspace**.
3. Input the Client ID (**App ID** in the Cloudflare dashboard) and Client Secret fields generated previously. Additionally, enter the domain of your Google Workspace account.
@@ -91,14 +91,14 @@ You do not need to be a Google Cloud Platform user to integrate Google Workspace
7. The generated link will prompt you to log in to your Google admin account and to authorize Cloudflare Access to view group information. After allowing permissions, you will see a success page from Cloudflare Access.
-To test that your connection is working, go to **Authentication** > **Login methods** and select **Test** next to Google Workspace. Your user identity and group membership should return.
+To test that your connection is working, go to **Integrations** > **Identity providers** and select **Test** next to Google Workspace. Your user identity and group membership should return.
:::caution[SCIM Provisioning (Beta)]
The direct SCIM provisioning integration with Google Workspace is not currently supported. Cloudflare is working with Google to complete the final approval process required to enable this feature. In the meantime, the SCIM endpoint will accept inbound SCIM events from any SCIM compliant service.
To generate the SCIM endpoint, you must:
-1. Save your Google Workspace login method in Zero Trust (step 6 above) and select **Back to Authentication** or return to **Settings** > **Authentication** in Zero Trust.
+1. Save your Google Workspace login method in Cloudflare One (step 6 above) and select **Back to Authentication** or return to **Integrations** > **Identity providers** in Cloudflare One.
2. Find the Google Workspace login method you created > select **Edit**.
3. Enable the **Enable SCIM** toggle.
4. Select **Regenerate Secret**.
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/google.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/google.mdx
index 2a51dafe4f35ed9..31b4bcb75d86670 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/google.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/google.mdx
@@ -7,7 +7,7 @@ import { GlossaryTooltip, Render } from "~/components";
You can integrate Google authentication with Cloudflare Access without a Google Workspace account. The integration allows any user with a Google account to log in (if the [Access policy](/cloudflare-one/access-controls/policies/) allows them to reach the resource). Unlike the instructions for [Google Workspace](/cloudflare-one/integrations/identity-providers/google-workspace/), the steps below will not allow you to pull group membership information from a Google Workspace account.
-You do not need to be a Google Cloud Platform user to integrate Google as an identity provider with Cloudflare Zero Trust. You will only need to open the Google Cloud Platform to configure IdP integration settings.
+You do not need to be a Google Cloud Platform user to integrate Google as an identity provider with Cloudflare One. You will only need to open the Google Cloud Platform to configure IdP integration settings.
## Set up Google as an identity provider
@@ -39,7 +39,7 @@ You do not need to be a Google Cloud Platform user to integrate Google as an ide
https://.cloudflareaccess.com
```
- You can find your team name in [Zero Trust](https://one.dash.cloudflare.com/) under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com/) under **Settings** > **Team name**.
8. Under **Authorized redirect URIs**, in the **URIs** field, enter the following URL:
@@ -49,9 +49,9 @@ You do not need to be a Google Cloud Platform user to integrate Google as an ide
9. After creating the OAuth client, select the OAuth client that you just created. Google will present the **OAuth Client ID** value and **Client secret** value. The client secret field functions like a password and should not be shared. Copy both the **OAuth Client ID** value and **Client secret** value.
-10. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Authentication**.
+10. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**.
-11. Under **Login methods**, select **Add new**. Choose **Google** on the next page.
+11. Under **Your identity providers**, select **Add new identity provider**. Choose **Google** on the next page.
12. Input the Client ID (**App ID** in the Cloudflare dashboard) and Client Secret fields generated previously.
@@ -61,7 +61,7 @@ You do not need to be a Google Cloud Platform user to integrate Google as an ide
## Test your connection
-To test that your connection is working, go to **Authentication** > **Login methods** and select **Test** next to Google.
+To test that your connection is working, go to **Integrations** > **Identity providers** and select **Test** next to Google.
## Example API Config
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/index.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/index.mdx
index 03e9f8460cdfd14..19b102cf91dc65f 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/index.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/index.mdx
@@ -8,27 +8,30 @@ tags:
import { Render } from "~/components";
-Cloudflare Zero Trust integrates with your organization's identity provider to apply Zero Trust and Secure Web Gateway policies. If you work with partners, contractors, or other organizations, you can integrate multiple identity providers simultaneously.
+Cloudflare One integrates with your organization's identity provider to apply Cloudflare One and Secure Web Gateway policies. If you work with partners, contractors, or other organizations, you can integrate multiple identity providers simultaneously.
-As an alternative to configuring an identity provider, Cloudflare Zero Trust can send a [one-time PIN (OTP)](/cloudflare-one/integrations/identity-providers/one-time-pin/) to approved email addresses. No configuration needed — simply add a user's email address to an [Access policy](/cloudflare-one/access-controls/policies/) and to the group that allows your team to reach the application. You can simultaneously configure an OTP and an identity provider to allow users to use their own authentication method.
+As an alternative to configuring an identity provider, Cloudflare One can send a [one-time PIN (OTP)](/cloudflare-one/integrations/identity-providers/one-time-pin/) to approved email addresses. No configuration needed — simply add a user's email address to an [Access policy](/cloudflare-one/access-controls/policies/) and to the group that allows your team to reach the application. You can simultaneously configure an OTP and an identity provider to allow users to use their own authentication method.
-Adding an identity provider as a login method requires configuration both in [Zero Trust](https://one.dash.cloudflare.com) and with the identity provider itself. Consult our IdP-specific documentation to learn more about what you need to set up.
+Adding an identity provider as a login method requires configuration both in [Cloudflare One](https://one.dash.cloudflare.com) and with the identity provider itself. Consult our IdP-specific documentation to learn more about what you need to set up.
:::note
-Cloudflare Zero Trust supports social identity providers that do not require administrator accounts, open source providers, and corporate providers. Cloudflare also supports using signed AuthN requests with SAML providers.
+Cloudflare One supports social identity providers that do not require administrator accounts, open source providers, and corporate providers. Cloudflare also supports using signed AuthN requests with SAML providers.
:::
-## Set up IdPs in Zero Trust
+## Set up IdPs in Cloudflare One
Your IdP will now be listed in the **Login methods** card.
-## Test IdPs in Zero Trust
+## Test IdPs in Cloudflare One
-To test if an IdP is correctly configured, go to **Settings** > **Authentication**. Next, select **Test** next to the IdP you would like to test. This will attempt to connect to the IdP to verify if a valid connection is established.
+To test if an IdP is correctly configured:
+
+1. Go to **Integrations** > **Identity providers**.
+2. Select **Test** next to the IdP you would like to test. This will attempt to connect to the IdP to verify if a valid connection is established.
### Your provider is connected
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/jumpcloud-saml.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/jumpcloud-saml.mdx
index 76be522a9d9e9a4..3df37a9f502e45d 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/jumpcloud-saml.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/jumpcloud-saml.mdx
@@ -34,7 +34,7 @@ The following steps are specific to setting up JumpCloud with Cloudflare Access.
https://.cloudflareaccess.com/
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com/) under **Settings** > **Team name**.
2. Set both **SP Entity ID** and **ACS URL** to the following callback URL:
@@ -50,11 +50,11 @@ The following steps are specific to setting up JumpCloud with Cloudflare Access.
10. Select **Save**.
-### 2. Add JumpCloud to Zero Trust
+### 2. Add JumpCloud to Cloudflare One
-1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Authentication**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**.
-2. Under **Login methods**, select **Add new**.
+2. Under **Your identity providers**, select **Add new identity provider**.
3. Select **SAML**.
@@ -66,13 +66,13 @@ The following steps are specific to setting up JumpCloud with Cloudflare Access.
7. Select **Save**.
-You can now [test your connection](/cloudflare-one/integrations/identity-providers/#test-idps-in-zero-trust) and create [Access policies](/cloudflare-one/access-controls/policies/) based on the configured login method and SAML attributes.
+You can now [test your connection](/cloudflare-one/integrations/identity-providers/#test-idps-in-cloudflare-one) and create [Access policies](/cloudflare-one/access-controls/policies/) based on the configured login method and SAML attributes.
## Synchronize users and groups
The JumpCloud integration allows you to synchronize user groups and automatically deprovision users using [SCIM](/cloudflare-one/team-and-resources/users/scim/).
-### 1. Enable SCIM in Zero Trust
+### 1. Enable SCIM in Cloudflare One
.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com/) under **Settings** > **Team name**.
@@ -39,9 +39,9 @@ To set up Keycloak (SAML) as your identity provider:
Next, you will need to integrate with Cloudflare Access.
-8. In [Zero Trust](https://dash.cloudflare.com), go to **Settings** > **Authentication**.
+8. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**.
-9. Under **Login methods**, select **Add new**.
+9. Under **Your identity providers**, select **Add new identity provider**.
10. Choose **SAML** on the next page.
@@ -55,4 +55,4 @@ To set up Keycloak (SAML) as your identity provider:
11. Select **Save**.
-To test that your connection is working, go to **Authentication** > **Login methods** and select **Test** next to the login method you want to test.
+To test that your connection is working, go to **Integrations** > **Identity providers** and select **Test** next to the login method you want to test.
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/linkedin.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/linkedin.mdx
index 4144cf14ab2362a..d162e277fd52096 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/linkedin.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/linkedin.mdx
@@ -33,9 +33,9 @@ To configure LinkedIn as an IdP:
-10. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Authentication**.
+10. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**.
-11. Under **Login methods**, select **Add new**.
+11. Under **Your identity providers**, select **Add new identity provider**.
12. Select **LinkedIn** as your IdP.
@@ -51,9 +51,9 @@ To configure LinkedIn as an IdP:
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name by going to [Zero Trust](https://one.dash.cloudflare.com/) > **Settings** > **Custom Pages**.
+ You can find your team name by going to [Cloudflare One](https://one.dash.cloudflare.com/) > **Settings** > **Team name**.
-To test that your connection is working, go to [Zero Trust](https://one.dash.cloudflare.com/) > **Settings** > **Authentication** > **Login methods** > select **Test** next to your LinkedIn login method.
+To test that your connection is working, go to [Cloudflare One](https://one.dash.cloudflare.com/) > **Integrations** > **Identity providers** > select **Test** next to your LinkedIn login method.
## Example API configuration
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/okta-saml.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/okta-saml.mdx
index df1eea8b8ddf8af..6557d2059eebc5d 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/okta-saml.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/okta-saml.mdx
@@ -1,10 +1,11 @@
---
pcx_content_type: how-to
title: Okta (SAML)
-description: Integrate Okta as a SAML identity provider with Cloudflare Zero Trust.
+description: Integrate Okta as a SAML identity provider with Cloudflare One.
---
-Cloudflare Zero Trust can integrate SAML with Okta as an identity provider.
+Cloudflare One can integrate SAML with Okta as an identity provider.
+
## Set up Okta as a SAML provider
To set up SAML with Okta as your identity provider:
@@ -17,7 +18,7 @@ To set up SAML with Okta as your identity provider:
4. Enter an app name and select **Next**.
- 
+ 
5. In the **Single sign on URL** and the **Audience URI (SP Entity ID)** fields, enter the following URL:
@@ -25,7 +26,7 @@ To set up SAML with Okta as your identity provider:
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com/) under **Settings** > **Team name**.
6. In the **Attribute Statements** section, enter the following information:
@@ -52,13 +53,13 @@ To set up SAML with Okta as your identity provider:
-12. To retrieve the SAML provider information, go to the **Sign On** tab and select **View Setup Instructions**. A new page will open showing the **Identity Provider Single Sign-on URL**, **Identity Provider Issuer**, and **X.509 Certificate**. Save this information for configuring your Zero Trust settings.
+12. To retrieve the SAML provider information, go to the **Sign On** tab and select **View Setup Instructions**. A new page will open showing the **Identity Provider Single Sign-on URL**, **Identity Provider Issuer**, and **X.509 Certificate**. Save this information for configuring your Cloudflare One settings.
-13. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**.
+13. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity provider**.
-14. Select **Add new** under **Login Methods**, and select _SAML_.
+14. Under **Your identity providers**, select **Add new identity provider**, and select _SAML_.
15. Fill in the following information:
@@ -71,11 +72,11 @@ To set up SAML with Okta as your identity provider:
17. (Recommended) Under **SAML attributes**, add the `email` and `groups` attributes. The `groups` attribute is required if you want to create policies based on [Okta groups](/cloudflare-one/traffic-policies/identity-selectors/#okta-saml).
-
+
18. Select **Save**.
-To test that your connection is working, go to **Settings** > **Authentication** > **Login methods** and select **Test** next to Okta. A success response should return the configured SAML attributes.
+To test that your connection is working, go to **Integrations** > **Identity providers** and select **Test** next to Okta. A success response should return the configured SAML attributes.
:::caution
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/okta.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/okta.mdx
index 39537f8e4e42c42..cef930ddb8bdd0d 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/okta.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/okta.mdx
@@ -1,19 +1,19 @@
---
pcx_content_type: how-to
title: Okta
-description: Integrate Okta as an identity provider for Cloudflare Zero Trust.
+description: Integrate Okta as an identity provider for Cloudflare One.
---
import { Render } from "~/components";
-Okta provides cloud software that helps companies manage and secure user authentication to modern applications, and helps developers build identity controls into applications, website web services, and devices. You can integrate Okta with Cloudflare Zero Trust and build rules based on user identity and group membership. Cloudflare Zero Trust supports Okta integrations using either the OIDC (default) or [SAML](/cloudflare-one/integrations/identity-providers/okta-saml/) protocol.
+Okta provides cloud software that helps companies manage and secure user authentication to modern applications, and helps developers build identity controls into applications, website web services, and devices. You can integrate Okta with Cloudflare One and build rules based on user identity and group membership. Cloudflare One supports Okta integrations using either the OIDC (default) or [SAML](/cloudflare-one/integrations/identity-providers/okta-saml/) protocol.
-Additionally, you can configure Okta to use risk information from Zero Trust [user risk scores](/cloudflare-one/insights/risk-score/) to create SSO-level policies. For more information, refer to [Send risk score to Okta](/cloudflare-one/insights/risk-score/#send-risk-score-to-okta).
+Additionally, you can configure Okta to use risk information from Cloudflare One [user risk scores](/cloudflare-one/insights/risk-score/) to create SSO-level policies. For more information, refer to [Send risk score to Okta](/cloudflare-one/insights/risk-score/#send-risk-score-to-okta).
## Prerequisites
-- A Cloudflare [Zero Trust organization](/cloudflare-one/setup/) with any subscription tier (including Free)
-- A [Zero Trust administrator role](/cloudflare-one/roles-permissions/) with `Access Edit` permissions
+- A [Cloudflare One organization](/cloudflare-one/setup/) with any subscription tier (including Free)
+- A [Cloudflare One administrator role](/cloudflare-one/roles-permissions/) with `Access Edit` permissions
## Supported features
@@ -30,13 +30,13 @@ To set up the Okta integration using the Okta Integration Network (OIN) App Cata
4. Search for `Cloudflare` and select the **Cloudflare One** app.
5. Select **Add integration**.
6. In **Application label**, enter a name for the application (for example, `Cloudflare Access`).
-7. In **Team domain**, enter your Zero Trust team domain:
+7. In **Team domain**, enter your Cloudflare One team domain:
```txt
.cloudflareaccess.com
```
- You can find your team domain in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team domain in Cloudflare One under **Settings** > **Team name**.
8. In the **Sign On** tab, copy the **Client ID** and **Client secret**.
9. Scroll down to **OpenID ConnectID Token** and select **Edit**.
@@ -65,7 +65,7 @@ To set up the Okta integration using the Okta Integration Network (OIN) App Cata
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com/) under **Settings** > **Team name**.
6. Choose the desired **Assignment** option and select **Save**.
@@ -98,7 +98,7 @@ The Okta integration allows you to synchronize IdP groups and automatically depr
If you would like to only maintain one Okta app instance, Okta does support SAML and SCIM within the same application. Create a [generic SAML integration](/cloudflare-one/integrations/identity-providers/generic-saml/) and configure those values in the **Sign-On** field of your Okta SCIM application.
:::
-### 1. Enable SCIM in Zero Trust
+### 1. Enable SCIM in Cloudflare One
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**.
-2. Under **Login methods**, select **Add new**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
+2. Under **Your identity providers**, select **Add new identity provider**.
3. Select **One-time PIN**.
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/onelogin-oidc.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/onelogin-oidc.mdx
index 7b9c9f5809211a4..f775e11bec985a5 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/onelogin-oidc.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/onelogin-oidc.mdx
@@ -23,7 +23,7 @@ OneLogin provides SSO identity management. Cloudflare Access supports OneLogin a
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com/) under **Settings** > **Team name**.
6. Select **Save**.
@@ -33,11 +33,11 @@ OneLogin provides SSO identity management. Cloudflare Access supports OneLogin a
9. Copy the **Client ID** and **Client Secret**.
-### 2. Add OneLogin to Zero Trust
+### 2. Add OneLogin to Cloudflare One
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
-2. Under **Login methods**, select **Add new**.
+2. Under **Your identity providers**, select **Add new identity provider**.
3. Select **OneLogin**.
@@ -54,7 +54,7 @@ OneLogin provides SSO identity management. Cloudflare Access supports OneLogin a
7. Select **Save**.
-To test that your connection is working, go to **Authentication** > **Login methods** and select **Test** next to OneLogin.
+To test that your connection is working, go to **Integrations** > **Identity providers** and select **Test** next to OneLogin.
## Example API Config
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/onelogin-saml.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/onelogin-saml.mdx
index 53581cbad438772..9834d9596c915f4 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/onelogin-saml.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/onelogin-saml.mdx
@@ -1,10 +1,11 @@
---
pcx_content_type: how-to
title: OneLogin (SAML)
-description: Integrate OneLogin as a SAML identity provider for Cloudflare Zero Trust.
+description: Integrate OneLogin as a SAML identity provider for Cloudflare One.
---
OneLogin provides SSO identity management. Cloudflare Access supports OneLogin as an SAML identity provider.
+
## Set up OneLogin as a SAML provider
## 1. Create an application in OneLogin
@@ -27,7 +28,7 @@ OneLogin provides SSO identity management. Cloudflare Access supports OneLogin a
https://.cloudflareaccess.com
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com/) under **Settings** > **Team name**.
8. Select the **Parameters** tab, select **Add Parameter** and enter your values for **Cloudflare Access Field**.
@@ -47,11 +48,11 @@ OneLogin provides SSO identity management. Cloudflare Access supports OneLogin a
-### 2. Add OneLogin to Zero Trust
+### 2. Add OneLogin to Cloudflare One
-1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Authentication**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**.
-2. Under **Login methods**, select **Add new**.
+2. Under **Your identity providers**, select **Add new identity provider**.
3. Select **SAML**.
@@ -63,7 +64,7 @@ OneLogin provides SSO identity management. Cloudflare Access supports OneLogin a
7. Select **Save**.
-To test that your connection is working, go to **Authentication** > **Login methods** and select **Test** next to the login method you want to test.
+To test that your connection is working, go to **Integrations** > **Identity providers** and select **Test** next to the login method you want to test.
## Download SP metadata (optional)
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/pingfederate-saml.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/pingfederate-saml.mdx
index 8d5d2358a4b00c5..7d2036df1ca4815 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/pingfederate-saml.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/pingfederate-saml.mdx
@@ -39,9 +39,9 @@ In versions 9.0 above, you can leave both of these options enabled.
This file shares several fields with Cloudflare Access so you do not have to input this data.
-11. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**.
+11. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
-12. Under **Login methods**, select **Add new**.
+12. Under **Your identity providers**, select **Add new identity provider**.
13. Select SAML.
@@ -51,7 +51,7 @@ This file shares several fields with Cloudflare Access so you do not have to inp
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
-You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com/) under **Settings** > **Team name**.
15. Fill the other fields with values from your Ping dashboard.
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/pingone-oidc.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/pingone-oidc.mdx
index b72dd7b509ab0b5..f0b2cb6605226cc 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/pingone-oidc.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/pingone-oidc.mdx
@@ -15,7 +15,7 @@ The PingOne cloud platform from PingIdentity provides SSO identity management. C
4. Select **OIDC Web App** and then **Save**.
5. Select **Resource Access** and add the **email** and **profile** scopes.
6. In the **Configuration** tab, select **General**.
-7. Copy the **Client ID**, **Client Secret**, and **Environment ID** to a safe place. These ids will be used in a later step to add PingOne to Zero Trust.
+7. Copy the **Client ID**, **Client Secret**, and **Environment ID** to a safe place. These IDs will be used in a later step to add PingOne to Cloudflare One.
8. In the **Configuration** tab, select the pencil icon.
9. In the **Redirect URIs** field, enter the following URL:
@@ -23,14 +23,14 @@ The PingOne cloud platform from PingIdentity provides SSO identity management. C
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com/) under **Settings** > **Team name**.
10. Select **Save**.
-### 2. Add PingOne to Zero Trust
+### 2. Add PingOne to Cloudflare One
-1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Authentication**.
-2. Under **Login methods**, select **Add new**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**.
+2. Under **Your identity providers**, select **Add new identity provider**.
3. Select **PingOne**.
4. Input the **Client ID**, **Client Secret**, and **Environment ID** generated previously.
5. (Optional) Enable [Proof of Key Exchange (PKCE)](https://www.oauth.com/oauth2-servers/pkce/). PKCE will be performed on all login attempts.
@@ -38,7 +38,7 @@ The PingOne cloud platform from PingIdentity provides SSO identity management. C
7. (Optional) Under **Optional configurations**, enter [custom OIDC claims](/cloudflare-one/integrations/identity-providers/generic-oidc/#custom-oidc-claims) that you wish to add to your users' identity.
8. Select **Save**.
-You can now [test your connection](/cloudflare-one/integrations/identity-providers/#test-idps-in-zero-trust) and create [Access policies](/cloudflare-one/access-controls/policies/) based on the configured login method.
+You can now [test your connection](/cloudflare-one/integrations/identity-providers/#test-idps-in-cloudflare-one) and create [Access policies](/cloudflare-one/access-controls/policies/) based on the configured login method.
## Example API configuration
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/pingone-saml.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/pingone-saml.mdx
index 9bd84f3761ea099..d01d7beedab97c8 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/pingone-saml.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/pingone-saml.mdx
@@ -1,7 +1,7 @@
---
pcx_content_type: how-to
title: PingOne (SAML)
-description: Learn how to integrate PingOne as a SAML identity provider with Cloudflare Zero Trust.
+description: Learn how to integrate PingOne as a SAML identity provider with Cloudflare Cloudflare One.
---
import { GlossaryTooltip } from "~/components";
@@ -30,9 +30,9 @@ The PingOne cloud platform from PingIdentity provides SSO identity management. C
https://.cloudflareaccess.com/cdn-cgi/access/saml-metadata
```
- where `` is your Cloudflare Zero Trust team name. 3. Select **Import**. 4. **Save** the configuration.
+ where `` is your Cloudflare One team name. 3. Select **Import**. 4. **Save** the configuration.
-7. In the **Configuration** tab, select **Download metadata** and save the XML metadata file. This file will be used in a later step to add PingOne to Zero Trust.
+7. In the **Configuration** tab, select **Download metadata** and save the XML metadata file. This file will be used in a later step to add PingOne to Cloudflare One.
8. In the **Attribute Mappings** tab, add the following required attributes (case sensitive) and select **Save**.
@@ -46,11 +46,11 @@ The PingOne cloud platform from PingIdentity provides SSO identity management. C
9. Set the application to **Active**.
-### 2. Add PingOne to Zero Trust
+### 2. Add PingOne to Cloudflare One
-1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Authentication**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**.
-2. Under **Login methods**, select **Add new**.
+2. Under **Your identity providers**, select **Add new identity provider**.
3. Select **SAML**.
@@ -62,4 +62,4 @@ The PingOne cloud platform from PingIdentity provides SSO identity management. C
7. Select **Save**.
-You can now [test your connection](/cloudflare-one/integrations/identity-providers/#test-idps-in-zero-trust) and create [Access policies](/cloudflare-one/access-controls/policies/) based on the configured login method and SAML attributes.
+You can now [test your connection](/cloudflare-one/integrations/identity-providers/#test-idps-in-cloudflare-one) and create [Access policies](/cloudflare-one/access-controls/policies/) based on the configured login method and SAML attributes.
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/signed_authn.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/signed_authn.mdx
index d7d3675f7dbb657..0ea748f53304b89 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/signed_authn.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/signed_authn.mdx
@@ -15,9 +15,9 @@ Cloudflare Access supports this requirement in the form of Signed AuthN requests
To set up Signed AuthN requests:
-1. In Zero Trust, go to **Settings** > **Authentication**.
+1. In Cloudflare One, go to **Integrations** > **Identity providers**.
-2. Under **Login methods**, select **Add new**.
+2. Under **Your identity providers**, select **Add new identity provider**.
3. Choose **SAML** on the next page.
diff --git a/src/content/docs/cloudflare-one/integrations/identity-providers/yandex.mdx b/src/content/docs/cloudflare-one/integrations/identity-providers/yandex.mdx
index baa29536195e910..c1e2a05bafdb336 100644
--- a/src/content/docs/cloudflare-one/integrations/identity-providers/yandex.mdx
+++ b/src/content/docs/cloudflare-one/integrations/identity-providers/yandex.mdx
@@ -29,7 +29,7 @@ To set up Yandex for Cloudflare Access:
https://.cloudflareaccess.com/cdn-cgi/access/callback
```
- You can find your team name in Zero Trust under **Settings** > **Custom Pages**.
+ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com/) under **Settings** > **Team name**.
@@ -41,9 +41,9 @@ To set up Yandex for Cloudflare Access:
11. Copy the **ID** and **Password**.
-12. In Zero Trust, go to **Settings** > **Authentication**.
+12. In Cloudflare One, go to **Integrations** > **Identity providers**.
-13. Under **Login methods**, select **Add new**.
+13. Under **Your identity providers**, select **Add new identity provider**.
14. Select Yandex.
diff --git a/src/content/docs/cloudflare-one/integrations/service-providers/custom.mdx b/src/content/docs/cloudflare-one/integrations/service-providers/custom.mdx
index 704e9bffd6777d0..09acb9348dd4b95 100644
--- a/src/content/docs/cloudflare-one/integrations/service-providers/custom.mdx
+++ b/src/content/docs/cloudflare-one/integrations/service-providers/custom.mdx
@@ -5,12 +5,12 @@ sidebar:
label: Custom integration
order: 1
-description: Configure custom device posture checks in Cloudflare Zero Trust using a service-to-service integration.
+description: Configure custom device posture checks in Cloudflare One using a service-to-service integration.
---
import { Render } from "~/components";
-Cloudflare Zero Trust allows you to enforce custom device posture checks on your applications. This involves configuring a WARP service-to-service integration that periodically calls the external API of your choice, whether it is a third-party endpoint provider or a home built solution. When called, the API will receive device identifying information from Cloudflare and be expected to return a value between `0` to `100`. You can then set up a device posture check that determines if the returned value counts as a pass or fail; for example, you could allow access to a user only if their device has a posture value greater than `60`.
+Cloudflare One allows you to enforce custom device posture checks on your applications. This involves configuring a WARP service-to-service integration that periodically calls the external API of your choice, whether it is a third-party endpoint provider or a home built solution. When called, the API will receive device identifying information from Cloudflare and be expected to return a value between `0` to `100`. You can then set up a device posture check that determines if the returned value counts as a pass or fail; for example, you could allow access to a user only if their device has a posture value greater than `60`.
```mermaid
sequenceDiagram
@@ -124,7 +124,7 @@ To create a custom service-to-service integration:
5. In **Access client ID** and **Access client secret**, enter the Access service token used to authenticate to your external API.
6. In **Rest API URL**, enter the external API endpoint that Cloudflare will query for posture information (for example, `https://api.example.com`). For more information, refer to [External API requirements](#external-api-requirements).
-7. In **Polling frequency**, choose how often Cloudflare Zero Trust should query the external API for information.
+7. In **Polling frequency**, choose how often Cloudflare One should query the external API for information.
8. Select **Test and save**. The test checks if Cloudflare can authenticate to the API URL using the provided Access credentials.
Next, [configure a device posture check](#4-configure-the-posture-check) to determine if a given posture score constitutes a pass or fail.
diff --git a/src/content/docs/cloudflare-one/integrations/service-providers/kolide.mdx b/src/content/docs/cloudflare-one/integrations/service-providers/kolide.mdx
index cc7d2a54d69c8ef..84401e15f9b5956 100644
--- a/src/content/docs/cloudflare-one/integrations/service-providers/kolide.mdx
+++ b/src/content/docs/cloudflare-one/integrations/service-providers/kolide.mdx
@@ -44,7 +44,7 @@ import { Render } from "~/components";
/>
5. Enter the **Client secret** you noted down above.
-6. Choose a **Polling frequency** for how often Cloudflare Zero Trust should query Kolide for information.
+6. Choose a **Polling frequency** for how often Cloudflare One should query Kolide for information.
7. Select **Test and save**.
### 3. Configure the posture check
diff --git a/src/content/docs/cloudflare-one/integrations/service-providers/microsoft.mdx b/src/content/docs/cloudflare-one/integrations/service-providers/microsoft.mdx
index 6bf457c192dbd15..66ef721815a6337 100644
--- a/src/content/docs/cloudflare-one/integrations/service-providers/microsoft.mdx
+++ b/src/content/docs/cloudflare-one/integrations/service-providers/microsoft.mdx
@@ -60,7 +60,7 @@ To retrieve those values:
/>
5. Enter the **Client ID**, **Client secret** and **Customer ID** as you noted down above.
-6. Select a **Polling frequency** for how often Cloudflare Zero Trust should query Microsoft Graph API for information.
+6. Select a **Polling frequency** for how often Cloudflare One should query Microsoft Graph API for information.
7. Select **Test and save**.
## 3. Configure the posture check
diff --git a/src/content/docs/cloudflare-one/integrations/service-providers/sentinelone.mdx b/src/content/docs/cloudflare-one/integrations/service-providers/sentinelone.mdx
index 74c2b16b931f0b5..492a8c3c33e6013 100644
--- a/src/content/docs/cloudflare-one/integrations/service-providers/sentinelone.mdx
+++ b/src/content/docs/cloudflare-one/integrations/service-providers/sentinelone.mdx
@@ -54,7 +54,7 @@ To retrieve those values:
5. In **Client Secret**, enter your **API Token**.
6. In **Rest API URL**, enter `https://.sentinelone.net`.
-7. Choose a **Polling frequency** for how often Cloudflare Zero Trust should query SentinelOne for information.
+7. Choose a **Polling frequency** for how often Cloudflare One should query SentinelOne for information.
8. Select **Test and save**.
### 3. Configure the posture check
diff --git a/src/content/docs/cloudflare-one/integrations/service-providers/taniums2s.mdx b/src/content/docs/cloudflare-one/integrations/service-providers/taniums2s.mdx
index 0dcd0a5fdd1c662..b200513e9e10307 100644
--- a/src/content/docs/cloudflare-one/integrations/service-providers/taniums2s.mdx
+++ b/src/content/docs/cloudflare-one/integrations/service-providers/taniums2s.mdx
@@ -62,7 +62,7 @@ To retrieve the API URL, determine your Tanium Gateway root endpoint:
/>
5. Enter the **Client Secret** and **REST API URL** you noted down above.
-6. Choose a **Polling frequency** for how often Cloudflare Zero Trust should query Tanium for information.
+6. Choose a **Polling frequency** for how often Cloudflare One should query Tanium for information.
7. Select **Test and save**.
### 3. Configure the posture check
diff --git a/src/content/docs/cloudflare-one/integrations/service-providers/uptycs.mdx b/src/content/docs/cloudflare-one/integrations/service-providers/uptycs.mdx
index 6d082a84e838f6d..0630d7f34ec2963 100644
--- a/src/content/docs/cloudflare-one/integrations/service-providers/uptycs.mdx
+++ b/src/content/docs/cloudflare-one/integrations/service-providers/uptycs.mdx
@@ -48,7 +48,7 @@ To obtain these values:
/>
5. Enter the **Client ID**, **Client secret** and **Customer ID** as you noted down above.
-6. Select a **Polling frequency** for how often Cloudflare Zero Trust should query Uptycs for information.
+6. Select a **Polling frequency** for how often Cloudflare One should query Uptycs for information.
7. Select **Test and save**.
## 3. Configure the posture check
diff --git a/src/content/docs/cloudflare-one/integrations/service-providers/workspace-one.mdx b/src/content/docs/cloudflare-one/integrations/service-providers/workspace-one.mdx
index d52ba1cff89eecc..1a9c08f9fb99756 100644
--- a/src/content/docs/cloudflare-one/integrations/service-providers/workspace-one.mdx
+++ b/src/content/docs/cloudflare-one/integrations/service-providers/workspace-one.mdx
@@ -57,7 +57,7 @@ To retrieve those values:
/>
5. Enter the **Client ID** and **Client secret** you noted down above.
-6. Select a **Polling frequency** for how often Cloudflare Zero Trust should query Workspace ONE for information.
+6. Select a **Polling frequency** for how often Cloudflare One should query Workspace ONE for information.
7. Enter the **Region-specific token URL** and **REST API URL** you noted down above.
8. Select **Test and save**.
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations/mutual-tls-authentication.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations/mutual-tls-authentication.mdx
index 4d0bd8cba33c37e..f310d3e02bb9ee0 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations/mutual-tls-authentication.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations/mutual-tls-authentication.mdx
@@ -45,7 +45,7 @@ The mTLS certificate is used only to verify the client certificate. It does not
6. Save the policy.
-7. Go to **Access** > **Policies**.
+7. Go to **Access controls** > **Policies**.
8. [Create an Access policy](/cloudflare-one/access-controls/policies/policy-management/#create-a-policy) using one of the following [selectors](/cloudflare-one/access-controls/policies/#selectors):
- **Valid Certificate**: Any client certificate that can authenticate with the Root CA will be allowed to proceed.
@@ -63,7 +63,7 @@ The mTLS certificate is used only to verify the client certificate. It does not
-10. Save the policy, then go to **Access** > **Applications**.
+10. Save the policy, then go to **Access controls** > **Applications**.
11. Select the application you would like to enforce mTLS on and select **Configure**. The application must be included in the **Associated hostnames** list from Step 5.
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations/tanium.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations/tanium.mdx
index 79effb3c7130724..7c65bde92f2cf5e 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations/tanium.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations/tanium.mdx
@@ -44,9 +44,9 @@ The integration does not currently support Safari.
1. Configure your Tanium deployment using the [step-by-step documentation](https://docs.tanium.com/endpoint_identity/endpoint_identity/userguide.html) provided. You will need the public key to integrate your Tanium deployment with Cloudflare Access.
-2. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client**.
+2. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks**.
-3. Scroll down to **WARP client checks** and select **Add new**.
+3. Go to **WARP client checks** and select **Add a check**.
4. Select **Tanium** from the list of providers.
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/index.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/index.mdx
index fa11fdc103506ea..640eb99e6d95a17 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/index.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/index.mdx
@@ -21,7 +21,7 @@ Setup instructions and requirements vary depending on the device posture attribu
Before integrating a device posture check in a Gateway or Access policy, verify that the Pass/Fail results match your expectations. To view the latest test results for a specific device:
-1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **My Team** > **Devices**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Team & Resources** > **Devices**.
2. Select the device.
3. Select **View details**.
4. Select the **Posture checks** tab.
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/application-check.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/application-check.mdx
index 11ab319554c4c20..f1837248eeedb8a 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/application-check.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/application-check.mdx
@@ -22,9 +22,9 @@ The Application Check device posture attribute checks that a specific applicatio
## Configure an application check
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks**.
-2. Scroll down to **WARP client checks** and select **Add new**.
+2. Go to **WARP client checks** and select **Add a check**.
3. Select **Application Check**.
@@ -43,7 +43,7 @@ The Application Check device posture attribute checks that a specific applicatio
7. Select **Save**.
-Next, go to **Logs** > **Posture** and verify that the application check is returning the expected results.
+Next, go to **Insights** > **Logs** > **Posture logs** and verify that the application check is returning the expected results.
## Determine the signing thumbprint
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/carbon-black.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/carbon-black.mdx
index e6887f422692696..7aff2998e80726a 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/carbon-black.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/carbon-black.mdx
@@ -7,7 +7,7 @@ sidebar:
import { Render } from "~/components";
-Cloudflare Zero Trust can check if [Carbon Black](https://www.carbonblack.com/) is running on a device to determine if a request should be allowed to reach a protected resource.
+Cloudflare One can check if [Carbon Black](https://www.carbonblack.com/) is running on a device to determine if a request should be allowed to reach a protected resource.
## Prerequisites
@@ -23,9 +23,9 @@ Cloudflare Zero Trust can check if [Carbon Black](https://www.carbonblack.com/)
## Configure the Carbon Black check
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks**.
-2. Scroll down to **WARP client checks** and select **Add new**.
+2. Go to **WARP client checks** and select **Add a check**.
3. Select **Carbon Black**.
@@ -36,4 +36,4 @@ Cloudflare Zero Trust can check if [Carbon Black](https://www.carbonblack.com/)
4. **Signing certificate thumbprint (recommended)**: Enter the thumbprint of the publishing certificate used to sign the binary. This proves the binary came from Carbon Black and is the recommended way to validate the process.
5. **SHA-256 (optional)**: Enter a SHA-256 value. This is used to validate the SHA256 signature of the binary and ensures the integrity of the binary file on the device. Note: do not fill out this field unless you strictly control updates to Carbon Black, as this will change between versions.
-Next, go to **Logs** > **Posture** and verify that the Carbon Black check is returning the expected results.
+Next, go to **Insights** > **Logs** > **Posture logs** and verify that the Carbon Black check is returning the expected results.
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/client-certificate.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/client-certificate.mdx
index b9b4ec561cb8338..edced3cb4dbdf3b 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/client-certificate.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/client-certificate.mdx
@@ -33,7 +33,7 @@ The Client Certificate device posture attribute checks if the device has a valid
:::note[Upload the signing certificate that issued the client certificate]
- When uploading a certificate to use in posture checks, Cloudflare does not differentiate between root and intermediate certificates. You must upload the actual signing certificate – the one that directly signed the client certificate.
+ When uploading a certificate to use in posture checks, Cloudflare does not differentiate between root and intermediate certificates. You must upload the actual signing certificate - the one that directly signed the client certificate.
If you upload a different certificate, even if it exists higher up in the trust chain (for example, the root that issued the signing certificate), the posture check will fail.
@@ -58,9 +58,9 @@ To generate a sample root CA for testing, refer to [Generate mTLS certificates](
}}
/>
-2. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client**.
+2. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks**.
-3. Scroll down to **WARP client checks** and select **Add new**.
+3. Go to **WARP client checks** and select **Add a check**.
4. Select **Client certificate**.
@@ -93,7 +93,7 @@ To generate a sample root CA for testing, refer to [Generate mTLS certificates](
6. Select **Save**.
-Next, go to **Logs** > **Posture** and verify that the client certificate check is returning the expected results.
+Next, go to **Insights** > **Logs** > **Posture logs** and verify that the client certificate check is returning the expected results.
## Troubleshooting
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/corp-device.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/corp-device.mdx
index 47ec8a4dbd332ac..5fbf9c588af8b96 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/corp-device.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/corp-device.mdx
@@ -7,7 +7,7 @@ sidebar:
import { Render } from "~/components";
-Cloudflare Zero Trust allows you to build Zero Trust rules based on device serial numbers. You can create these rules so that access to applications is granted only to users connecting from company devices.
+Cloudflare One allows you to build Zero Trust rules based on device serial numbers. You can create these rules so that access to applications is granted only to users connecting from company devices.
## Prerequisites
@@ -24,7 +24,7 @@ Cloudflare Zero Trust allows you to build Zero Trust rules based on device seria
To create rules based on device serial numbers, you first need to create a [Gateway List](/cloudflare-one/reusable-components/lists/) of numbers.
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **My Team** > **Lists**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Lists**.
2. Select **Create manual list** or **Upload CSV**. For larger teams, we recommend uploading a CSV or using Cloudflare's [API endpoint](/api/resources/zero_trust/subresources/gateway/subresources/lists/methods/list/).
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/device-uuid.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/device-uuid.mdx
index f689dd1144a7902..7a2fb2a62be9a9f 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/device-uuid.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/device-uuid.mdx
@@ -7,7 +7,7 @@ sidebar:
import { Render } from "~/components";
-Cloudflare Zero Trust allows you to build Zero Trust rules based on device UUIDs supplied in an MDM file. You can create these rules so that access to applications is granted only to users connecting from company devices.
+Cloudflare One allows you to build Zero Trust rules based on device UUIDs supplied in an MDM file. You can create these rules so that access to applications is granted only to users connecting from company devices.
## Prerequisites
@@ -32,7 +32,7 @@ You will need to use a [managed deployment tool](/cloudflare-one/team-and-resour
To create rules based on device UUIDs, you first need to create a [Gateway List](/cloudflare-one/reusable-components/lists/) of UUIDs.
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **My Team** > **Lists**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Lists**.
2. Select **Create manual list** or **Upload CSV**. For larger teams, we recommend uploading a CSV or using Cloudflare's [API endpoint](/api/resources/zero_trust/subresources/gateway/subresources/lists/methods/list/).
@@ -51,9 +51,9 @@ Hyphens are automatically stripped from UUIDs. For example, the posture check wi
## 3. Enable the posture check
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks**.
-2. Scroll down to **WARP client checks** and select **Add new**.
+2. Go to **WARP client checks** and select **Add a check**.
3. Select **Unique Client ID**.
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/disk-encryption.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/disk-encryption.mdx
index 73ce91ae1933203..6b5de66fb21e437 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/disk-encryption.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/disk-encryption.mdx
@@ -25,15 +25,15 @@ The Disk Encryption device posture attribute ensures that disks are encrypted on
## Enable the disk encryption check
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client**.
-2. Scroll down to **WARP client checks** and select **Add new**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks**.
+2. Go to **WARP client checks** and select **Add a check**.
3. Select **Disk Encryption**.
4. Enter a descriptive name for the check.
5. Select your operating system.
6. Either enable disk encryption for all volumes, or input the specific volume(s) you want to check for encryption (for example, `C`).
7. Select **Save**.
-Next, go to **Logs** > **Posture** and verify that the disk encryption check is returning the expected results.
+Next, go to **Insights** > **Logs** > **Posture logs** and verify that the disk encryption check is returning the expected results.
## Validate disk encryption status
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/domain-joined.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/domain-joined.mdx
index 406b8dada7c2c0d..759ecea8bc2fe14 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/domain-joined.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/domain-joined.mdx
@@ -25,8 +25,8 @@ The Domain Joined device posture attribute ensures that a user is a member of a
## Enable the Domain Joined check
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client**.
-2. Scroll down to **WARP client checks** and select **Add new**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks**.
+2. Go to **WARP client checks** and select **Add a check**.
3. Select **Domain Joined**.
4. Enter a descriptive name for the check.
5. Select your operating system.
@@ -36,7 +36,7 @@ The Domain Joined device posture attribute ensures that a user is a member of a
:::
7. Select **Save**.
-Next, go to **Logs** > **Posture** and verify that the Domain Joined check is returning the expected results.
+Next, go to **Insights** > **Logs** > **Posture logs** and verify that the Domain Joined check is returning the expected results.
## Validate the domain value
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/file-check.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/file-check.mdx
index 3a1f62ae76bea17..be62ab9b4e62688 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/file-check.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/file-check.mdx
@@ -22,9 +22,9 @@ The File Check device posture attribute checks for the presence of a file on a d
## Configure a file check
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks**.
-2. Scroll down to **WARP client checks** and select **Add new**.
+2. Go to **WARP client checks** and select **Add a check**.
3. Select **File Check**.
@@ -37,4 +37,4 @@ The File Check device posture attribute checks for the presence of a file on a d
5. Select **Save**.
-Next, go to **Logs** > **Posture** and verify that the file check is returning the expected results.
+Next, go to **Insights** > **Logs** > **Posture logs** and verify that the file check is returning the expected results.
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/firewall.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/firewall.mdx
index 537a2ff8f470a68..ca39ed8104477ec 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/firewall.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/firewall.mdx
@@ -25,15 +25,15 @@ The Firewall device posture attribute ensures that a firewall is running on a de
## Enable the firewall check
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client**.
-2. Scroll down to **WARP client checks** and select **Add new**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks**.
+2. Go to **WARP client checks** and select **Add a check**.
3. Select **Firewall**.
4. Enter a descriptive name for the check.
5. Select your operating system.
6. Turn on **Enable firewall check**.
7. Select **Save**.
-Next, go to **Logs** > **Posture** and verify that the firewall check is returning the expected results.
+Next, go to **Insights** > **Logs** > **Posture logs** and verify that the firewall check is returning the expected results.
## How WARP checks the firewall status
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/os-version.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/os-version.mdx
index 3c51d0691249ca5..7ff8060f6245bf0 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/os-version.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/os-version.mdx
@@ -22,8 +22,8 @@ The OS Version device posture attribute checks whether the version of a device's
## Enable the OS version check
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client**.
-2. Scroll down to **WARP client checks** and select **Add new**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks**.
+2. Go to **WARP client checks** and select **Add a check**.
3. Select **OS version**.
4. Configure the **Operating system**, **Operator**, and **Version** fields to specify the [OS version](#determine-the-os-version) you want devices to match.
@@ -51,7 +51,7 @@ The OS Version device posture attribute checks whether the version of a device's
6. Select **Save**.
-Next, go to **Logs** > **Posture** and verify that the OS version check is returning the expected results.
+Next, go to **Insights** > **Logs** > **Posture logs** and verify that the OS version check is returning the expected results.
## Determine the OS version
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/require-gateway.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/require-gateway.mdx
index f75d69f5ae0ac61..5a46268e880a573 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/require-gateway.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/require-gateway.mdx
@@ -25,15 +25,15 @@ With Require Gateway, you can allow access to your applications only to devices
## 1. Enable the Gateway check
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks**.
-2. In **WARP client checks**, select **Add new**.
+2. Go to **WARP client checks** and select **Add a check**.
3. Select **Gateway**, then select **Save**.
## 2. Add the check to an Access application
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**.
2. Locate the application for which you want to require Gateway. Select **Configure**.
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/require-warp.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/require-warp.mdx
index 528533f4cc841a6..5ae92d5c7abc072 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/require-warp.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/require-warp.mdx
@@ -16,7 +16,7 @@ This device posture attribute will check for all versions of WARP, including the
:::
-Cloudflare Zero Trust enables you to restrict access to your applications to devices running the Cloudflare WARP client. This allows you to flexibly ensure that a user's traffic is secure and encrypted before allowing access to a resource protected behind Cloudflare Zero Trust.
+Cloudflare One enables you to restrict access to your applications to devices running the Cloudflare WARP client. This allows you to flexibly ensure that a user's traffic is secure and encrypted before allowing access to a resource protected behind Cloudflare One.
## Prerequisites
@@ -31,15 +31,15 @@ Cloudflare Zero Trust enables you to restrict access to your applications to dev
## 1. Enable the WARP check
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Network**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Settings** > **Network**.
2. Ensure that **Proxy** is enabled.
-3. Go to **Settings** > **WARP Client**.
-4. In **WARP client checks**, select **Add new**.
+3. Go to **Reusable components** > **Posture checks**.
+4. In **WARP client checks**, select **Add a check**.
5. Select **WARP**, then select **Save**.
## 2. Add the check to an Access policy
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**.
2. Locate the application for which you want to require WARP. Select **Configure**.
diff --git a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/sentinel-one.mdx b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/sentinel-one.mdx
index 1a7ed0426d4b067..b24e4d30ff462d2 100644
--- a/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/sentinel-one.mdx
+++ b/src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/sentinel-one.mdx
@@ -10,7 +10,7 @@ head:
import { Render } from "~/components";
-Cloudflare Zero Trust can check if [SentinelOne](https://www.sentinelone.com/) is running on a device to determine if a request should be allowed to reach a protected resource.
+Cloudflare One can check if [SentinelOne](https://www.sentinelone.com/) is running on a device to determine if a request should be allowed to reach a protected resource.
## Prerequisites
@@ -26,9 +26,9 @@ Cloudflare Zero Trust can check if [SentinelOne](https://www.sentinelone.com/) i
## Configure the SentinelOne check
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks**.
-2. Scroll down to **WARP client checks** and select **Add new**.
+2. Go to **WARP client checks** and select **Add a check**.
3. Select **SentinelOne**.
@@ -43,4 +43,4 @@ Cloudflare Zero Trust can check if [SentinelOne](https://www.sentinelone.com/) i
4. **Signing certificate thumbprint (recommended)**: Enter the thumbprint of the publishing certificate used to sign the binary. This proves the binary came from SentinelOne and is the recommended way to validate the process.
5. **SHA-256 (optional)**: Enter a SHA-256 value. This is used to validate the SHA256 signature of the binary and ensures the integrity of the binary file on the device. Note: do not fill out this field unless you strictly control updates to SentinelOne, as this will change between versions.
-Next, go to **Logs** > **Posture** and verify that the SentinelOne check is returning the expected results.
+Next, go to **Insights** > **Logs** > **Posture logs** and verify that the SentinelOne check is returning the expected results.
diff --git a/src/content/docs/cloudflare-one/team-and-resources/users/seat-management.mdx b/src/content/docs/cloudflare-one/team-and-resources/users/seat-management.mdx
index 54e4372c0ec3b2f..b160143738640fd 100644
--- a/src/content/docs/cloudflare-one/team-and-resources/users/seat-management.mdx
+++ b/src/content/docs/cloudflare-one/team-and-resources/users/seat-management.mdx
@@ -5,15 +5,15 @@ sidebar:
order: 4
---
-Cloudflare Zero Trust subscriptions consist of seats that active users in your account consume. Active users are added to Zero Trust through any [authentication event](#authentication-events).
+Cloudflare One subscriptions consist of seats that active users in your account consume. Active users are added to Cloudflare One through any [authentication event](#authentication-events).
-The amount of seats available in your Zero Trust account depends on the amount of users you purchase. If you want to increase the number of seats available, you will have to purchase more users. Learn more about adding and removing seats from your account in the [Zero Trust FAQ](/cloudflare-one/faq/getting-started-faq/#how-do-i-change-my-subscription-plan).
+The amount of seats available in your Cloudflare One account depends on the amount of users you purchase. If you want to increase the number of seats available, you will have to purchase more users. Learn more about adding and removing seats from your account in the [Cloudflare One FAQ](/cloudflare-one/faq/getting-started-faq/#how-do-i-change-my-subscription-plan).
## Authentication events
-A user consumes a seat when they perform an authentication event. For Access, this is any Cloudflare Access authentication event, such as a login to the [App Launcher](/cloudflare-one/access-controls/access-settings/app-launcher/) or an application. For Gateway, this is when any devices associated with the user connect to Zero Trust within the [specified period](#enable-seat-expiration).
+A user consumes a seat when they perform an authentication event. For Access, this is any Cloudflare Access authentication event, such as a login to the [App Launcher](/cloudflare-one/access-controls/access-settings/app-launcher/) or an application. For Gateway, this is when any devices associated with the user connect to Cloudflare One within the [specified period](#enable-seat-expiration).
-If either one of these events occurs, that user's identity is added as an Active user to Zero Trust and consumes one seat from your plan. The user will occupy and consume a single seat regardless of the number of applications accessed or login events from their user account. Once the total amount of seats in the subscription has been consumed, additional users who attempt to log in are blocked.
+If either one of these events occurs, that user's identity is added as an Active user to Cloudflare One and consumes one seat from your plan. The user will occupy and consume a single seat regardless of the number of applications accessed or login events from their user account. Once the total amount of seats in the subscription has been consumed, additional users who attempt to log in are blocked.
A user who authenticates will hold their seat until you [remove the user](#remove-a-user) from your account. By default, inactive users will not be [automatically removed](#enable-seat-expiration) from your account. You can remove a single user or all users at any time, and those users will immediately stop counting against the seat count defined in your subscription.
@@ -23,15 +23,15 @@ If you notice a number of accounts greater than the number of your users, you ma
### Check number of seats used
-To check the number of seats consumed by active users in your organization, log in to [Zero Trust](https://one.dash.cloudflare.com). **Zero Trust overview** will display the amount of seats consumed and the remaining amount available. For more details on your users, go to **My team** > **Users**.
+To check the number of seats consumed by active users in your organization, log in to [Cloudflare One](https://one.dash.cloudflare.com). **Cloudflare One overview** will display the amount of seats consumed and the remaining amount available. For more details on your users, go to **Team & Resources** > **Users**.
### Revoke a user
When you revoke a user, this action will terminate active sessions, but will not remove the user's consumption of an active seat.
-To revoke a user from your Zero Trust organization:
+To revoke a user from your Cloudflare One organization:
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **My team** > **Users**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Team & Resources** > **Users**.
2. Select the checkbox next to a user with an **Active** status in the **Seat usage** column.
3. Select **Action** > **Revoke**.
4. Select **Revoke sessions**.
@@ -40,11 +40,11 @@ Revoked users can still log in if your policies allow them.
### Remove a user
-Removing a user from your Zero Trust organization will free up the seat the user consumed. The user will still appear in your list of users.
+Removing a user from your Cloudflare One organization will free up the seat the user consumed. The user will still appear in your list of users.
-To remove a user from your Zero Trust organization:
+To remove a user from your Cloudflare One organization:
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **My team** > **Users**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Team & Resources** > **Users**.
2. Select the checkbox next to a user with an **Active** status in the **Seat usage** column.
3. Select **Action** > **Remove users**.
4. Select **Remove**.
@@ -54,17 +54,17 @@ The user will now show as **Inactive** and will no longer occupy a seat. If a us
To automate the removal of users who have not logged in or triggered a device enrollment in a specific amount of time, turn on [seat expiration](#enable-seat-expiration).
:::note[User record persistence]
-You cannot delete or archive a user record. You can [remove a user](#remove-a-user) from a seat, but their user record will remain in your Zero Trust organization. Inactive users do not count towards billing.
+You cannot delete or archive a user record. You can [remove a user](#remove-a-user) from a seat, but their user record will remain in your Cloudflare One organization. Inactive users do not count towards billing.
:::
### Enable seat expiration
-Cloudflare Zero Trust can automatically remove any user who does not log in to an Access application or whose device does not show any Gateway activity for the specified period (between one month and one year). To determine if a user will be removed, Cloudflare looks for any authentication events and checks the **Last seen** value for all of the user's devices. If both of those are outside the expiration window, the user will be removed and will no longer count against your number of seats. This process occurs once daily for an account.
+Cloudflare One can automatically remove any user who does not log in to an Access application or whose device does not show any Gateway activity for the specified period (between one month and one year). To determine if a user will be removed, Cloudflare looks for any authentication events and checks the **Last seen** value for all of the user's devices. If both of those are outside the expiration window, the user will be removed and will no longer count against your number of seats. This process occurs once daily for an account.
To enable user seat expiration:
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Account**.
-2. In **Seat Expiration**, select **Edit**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Settings** > **Admin controls**.
+2. In **Remove inactive users from seats**, select **Edit**.
3. Select an inactivity time from the dropdown menu.
4. Select **Save**.
diff --git a/src/content/docs/fundamentals/manage-members/dashboard-sso.mdx b/src/content/docs/fundamentals/manage-members/dashboard-sso.mdx
index 9e90ac797fddb50..4ecaba7a6d31bdc 100644
--- a/src/content/docs/fundamentals/manage-members/dashboard-sso.mdx
+++ b/src/content/docs/fundamentals/manage-members/dashboard-sso.mdx
@@ -36,7 +36,7 @@ Cloudflare Dashboard SSO is available for free to all plans.
Add an IdP to Cloudflare Zero Trust by following [our detailed instructions](/cloudflare-one/integrations/identity-providers/).
-Once you configure your IdP, make sure you also [test your IdP](/cloudflare-one/integrations/identity-providers/#test-idps-in-zero-trust).
+Once you configure your IdP, make sure you also [test your IdP](/cloudflare-one/integrations/identity-providers/#test-idps-in-cloudflare-one).
## 2. Register your domain with Cloudflare for SSO
diff --git a/src/content/partials/cloudflare-one/access/okta-zt-steps.mdx b/src/content/partials/cloudflare-one/access/okta-zt-steps.mdx
index 5a9851e38bb80df..29c703aba50c19e 100644
--- a/src/content/partials/cloudflare-one/access/okta-zt-steps.mdx
+++ b/src/content/partials/cloudflare-one/access/okta-zt-steps.mdx
@@ -25,4 +25,4 @@ import {} from "~/components"
17. Select **Save**.
-To [test](/cloudflare-one/integrations/identity-providers/#test-idps-in-zero-trust) that your connection is working, select **Test**.
+To [test](/cloudflare-one/integrations/identity-providers/#test-idps-in-cloudflare-one) that your connection is working, select **Test**.