Access Service Tokens not working?

I'm trying to use Service Tokens with Cloudflare Access but they are seemingly not working...

Steps taken:

  1. Created service token
  2. Added
    CF-Access-Client-Id
    and
    CF-Access-Client-Secret
    headers
  3. Added an Include rule for the service token in question in the Access application's additional rules
Cloudflare just completely ignores the
CF-Access-Client-Id
and secret and shows that it has never been used before, and it redirects to the Cloudflare Access sign in page.

In desperation, I also added rules to allow any access service token both to the application and the access group of the application, which also did not work.

I've tried it from a Cloudflare Worker, Curl, and Fiddler and in any case despite passing the CF-Access headers it just redirects without giving a JWT.

Am I missing anything?
image.png
image.png
image.png
Was this page helpful?