I’m trying to bypass a bitbucket web-hook request to one of my servers protected with Cloudflare Access. Unfortunately its not going through as the web-hook is redirected to the CF login/code page. I can see this on the bitbucket side when debugging the web-hook requests.
I have added access policy based on ip-address ranges. When disabling the policy entirely the web-hook works.
I have added both IPv4 and IPv6 ranges as listed on this page:
On other similar setups I can see the IP-address originating from bitbucket are 188.8.131.52 and 184.108.40.206 which are to my knowledge included in what I have added as ranges on the Cloudflare side.
Unfortunately there is no log available inside CF Access because no actual authentication is done by the web-hook.
Can someone help me in the right direction ?