How to connect Okta to Cloudflare Access

Avatar
Dani Grant
Follow

First, in your Okta account, create a new Application. Go to Applications, and click 'Add Application'

Screen_Shot_2017-08-11_at_6.34.59_AM.png

Then click 'Create New App'

Screen_Shot_2017-08-11_at_6.38.56_AM.png

As the application integration type, select OpenID Connect.

Screen_Shot_2017-08-10_at_4.40.37_PM.png

Name the application, and in the field Login redirect URI's, put your authorization domain /cdn-cgi/access/callback. Click Save.

Screen_Shot_2017-08-10_at_4.41.34_PM.png

Then Okta will show you your completed Application.

Scroll down to the OpenID Connect Token section and click Edit.

Screen_Shot_2017-08-11_at_8.02.54_AM.png

In the groups claim field, switch 'Starts With' to 'Regex' and set it equal to .*

Screen_Shot_2017-08-11_at_8.03.13_AM.png

Click Save.

Now scroll down to copy your Client ID and Client Secret from the Okta dashboard and then paste them into the Cloudflare dashboard.

Screen_Shot_2017-08-10_at_4.42.06_PM.pngScreen_Shot_2017-08-10_at_4.43.15_PM.png

In the Okta dashboard, click on Assignments for the Application.

Screen_Shot_2017-08-11_at_6.14.50_AM.png

Then assign to the group 'Everyone'. (You will lock down access in the Cloudflare Access dashboard)

Screen_Shot_2017-08-11_at_7.01.28_AM.pngScreen_Shot_2017-08-11_at_7.01.37_AM.png

Screen_Shot_2017-08-11_at_7.01.18_AM.png

Now go to the Cloudflare dashboard and specify which Okta groups and users should be allowed or denied access.

Screen_Shot_2017-08-11_at_6.56.03_AM.png

 

Was this article helpful?
0 out of 0 found this helpful
Still not finding what you need?

The Cloudflare team is here to help. 95% of questions can be answered using the search tool, but if you can’t find what you need, submit a support request.

Submit a request

Popular questions: Why is my site slow, 522 errors, I'm expecting a spike in traffic

Powered by Zendesk