Bypassing Authentication for Gateway Users

Hi, I’m trying to setup a Policy rule for an in-house web application such that users that are connected to the gateway (ex. via WARP), wouldn’t get the Cloudflare Access login and would bypass that. I’ve setup enabled Gateway in Network settings, added the bypass policy, and added the Cloudflare cert. However the bypass is not working. I read something about having to add “Cert Pinning” bypass for the application, but I dont know if that applies to a web application and how to add a custom one to the list.

Added a bypass policy where/how?

You should create an Access policy which has Require Gateway as the only criteria based on your described use case.

1 Like

I added the Application and then an Access policy under the application.

I dont want to make gateway required. I like to configure it so that if they are connected to gateway, the Cloudflare Access login screen is bypassed.

Go to Settings | WARP and create a device posture:

Create an Access Group:

In the Application, create a policy:


Thank you both for the quick help.
I learned both about requiring gateway connection and bypassing login screen with it. Trick was the Service Auth.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.