5 replies

Self hosted application authentication with Zero Trust

Hello. I'm trying to do authentication on my self hosted application with Zero Trust. If I just read

Cf-Access-Authenticated-User-Email

Cf-Access-Authenticated-User-Email

and authenticate the user that way, is it secure enough? Or it's better to manually validate the JWT token server side? Thank you

Self hosted application authentication with Zero Trust - Cloudflare Developers