Cloudflare tunnel, API access to the internal application
So I have this internal app with a UI, that people can access with cloudflare HTTP tunnel, and use their email to login.
We need to allow API requests against this internal app, so I created a Zero trust > Access > "Service Auth" token. I put the headers given by Cloudflare in postman, and test the request, but hit the cloudflare "Sign in ・ Cloudflare Access" HTML page.
After re-reading the documentation, I find out that in Zero trust > Access > Applications, I need to add another policy to my Application:
We need to allow API requests against this internal app, so I created a Zero trust > Access > "Service Auth" token. I put the headers given by Cloudflare in postman, and test the request, but hit the cloudflare "Sign in ・ Cloudflare Access" HTML page.
After re-reading the documentation, I find out that in Zero trust > Access > Applications, I need to add another policy to my Application:
- one for the user emails with SSO login, action "allow", ending with @myorg.com (the default, for users.)
- one for the API, I select the action "Service Auth", and include a rule to allow any Access service token. (the new one I added)
