Add Authy to Cloudflare Access

user14601 · September 7, 2023, 5:31am

Good day reader,

I would love to know if someone managed to get Authy Working as a Zero Trust Provider for thje Clouflare Acess login? Here is now use my email but i would love to get a random Authy code instead.

If i Choose Authentication Method; MFA on the Applications page. I does doing… nothing.

Would love to have this feature.

user14601 · October 8, 2023, 1:52am

1 month later, not a single reaction…

cscharff · October 8, 2023, 2:32am

Authy is not an SSO provider, it is a second factor authentication. To use mfa as an authentication mechanism you need to use an actual IdP and configure that IDP to support Authy as your 2FA source when requesting a login which requires a second factor for authentication.

user14601 · October 10, 2023, 3:38am

my apps does work with them, only cloudflare doesnt work with Authy. I wasnt asking for SSO, just to replace the email authentication to Authy 2FA

sdayman · October 10, 2023, 3:47am

There’s no such thing as a “random Authy code.” Authy codes are tied to user identification, which is why you would need an IdP from cscharff’s link that uses Authy for 2FA. Then that Authentication Method can specify MFA use.

cscharff · October 10, 2023, 6:11am

Cloudflare Access works with Authy just fine. I described how.

You can’t. The 2 in 2FA means ‘second’. To have a second requires a first. To have more than one factor in authentication requires an additional factor for authentication beyond Authy. The supported additional factors for use with Authy are described in the link I provided in my previous reply.

user14601 · October 18, 2023, 3:56am

Maybe i didnt put the question correctly. So lets say im going to a tunnel link of my docker container, i login with 2fa by getting an email validation code, which works. but can this email be replaced with authy, aka 2 2fa app?

sdayman · October 18, 2023, 4:26am

That’s still not 2FA. It’s a One-Time PIN:
https://developers.cloudflare.com/cloudflare-one/identity/one-time-pin/

To use Authy, one must first enter a username, then a password. Once that’s accepted, you’re prompted for a 2FA code. Those need to happen in relatively short succession. That’s what SSO checks for before you’re allowed through Access, if that’s the configured method.

system · October 21, 2023, 4:26am

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.