Cloudflare docs logomark
Cloudflare
Docs
Cloudflare-One
Navigation menu icon
Open external link
Cloudflare docs logomark
Cloudflare
Docs
Cloudflare Zero Trust
Dropdown icon
Cloudflare Zero Trust menu
Blog: Introducing Cloudflare One
Cloudflare for Teams pricing
Cloudflare homepage
Overview
Get started
Tutorials
Expand: Identity
Identity
One-time PIN login
Expand: SSO integration
SSO integration
Generic SAML 2.0
SAML | Centrify
SAML | Okta
SAML | OneLogin
SAML | Jumpcloud
SAML | Active Directory®
SAML | PingIdentity®
SAML | Citrix ADC
SAML | Signed AuthN requests
SAML | Keycloak
Generic OIDC
OneLogin OIDC
Centrify
Facebook
GitHub
Google
Google Workspace
LinkedIn
Microsoft Azure AD®
Okta
Yandex
Expand: Device posture
Device posture
Gateway
WARP
Azure AD
Carbon Black
SentinelOne
Tanium
Mutual TLS
OS Version
Device serial numbers
Application Check
File Check
Domain Joined
Disk Encryption
Firewall
Expand: User management
User management
Access groups
Session management
Short-lived certificates
JSON web tokens
Expand: Service auth
Service auth
Service tokens
Login page
Expand: Connections
Connections
Expand: Connect resources
Connect resources
Expand: Get started
Get started
Expand: Deploying
Deploying
Deploy cloudflared in GCP
Downloads
Tunnel guide
Tunnel permissions
Useful terms
Useful commands
Expand: Configure tunnels
Configure tunnels
Expand: Configuration file
Configuration file
Ingress rules
Command-line options
Ports and IPs
Expand: Route traffic
Route traffic
Kubernetes
DNS record
Load balancers
Expand: Run a tunnel
Run a tunnel
Expand: Run as a service
Run as a service
Linux
MacOS
Windows
Deploy replicas
Quick Tunnels
Expand: Do more with Tunnel
Do more with Tunnel
Migrate legacy tunnels
Secure the Server
Tunnel Hosting Requirements
Expand: License
License
Copyrights
Expand: Connect networks
Connect networks
Expand: Locations
Locations
Add locations
Dedicated destination IPv4 and IPv6 addresses
Expand: Private networks
Private networks
Private hostnames and IPs
Expand: Connect devices
Connect devices
Expand: WARP
WARP
First-time setup
Download WARP
Install the Cloudflare certificate
Expand: Deploy WARP
Deploy WARP
Expand: Managed deployment
Managed deployment
Expand: Partners
Partners
Hexnode
Intune
Jamf
JumpCloud
Kandji
Parameters
Manual deployment
WARP with Firewall
Expand: Exclude or include network traffic with WARP
Exclude or include network traffic with WARP
Local Domain Fallback
Split Tunnels
WARP settings
Remove WARP
Expand: Agentless options
Agentless options
DNS over HTTPS
DNS over TLS
Native OS
Router setup
Expand: Applications
Applications
Expand: Add web applications
Add web applications
SaaS applications
Self-hosted applications
Cloudflare dashboard SSO application
Expand: Add non-HTTP applications
Add non-HTTP applications
Arbitrary TCP
Add bookmarks
App Launcher
Expand: Policies
Policies
Expand: Secure Web Gateway
Secure Web Gateway
Expand: DNS policies
DNS policies
Check that a policy is working
DNS Categories
Expand: HTTP policies
HTTP policies
Global rules
Order of enforcement
Applications and app types
Tenant control
AV scanning
Network policies
Create identity-based policies
Block page
WARP sessions for Gateway policies
Expand: Zero Trust
Zero Trust
Policy management
Require Purpose Justification
Common configurations
CORS
Application paths
Enforce MFA
Temporary authentication
Expand: Browser Isolation
Browser Isolation
Accessibility
Setup
Known limitations
Extensions
Lists
Expand: Analytics
Analytics
Shadow IT Discovery
Gateway
User logs
Expand: Zero Trust logs
Zero Trust logs
Activity logs
Access Audit logs
Tunnel Audit logs
Expand: API and Terraform
API and Terraform
Access API examples
Scoped API tokens
Terraform
Glossary
Roles and permissions
Technical limitations
FAQ
Search icon (depiction of a magnifying glass)
Give Feedback
GitHub icon
Visit Cloudflare Zero Trust on GitHub
Light theme icon (depiction of a sun)
Dark theme icon (depiction of a moon)
Set theme to dark (⇧+D)
Do more with Tunnel
Migrate legacy tunnels
Secure the Server
Tunnel Hosting Requirements