[CF Access] Authenticate entire server

I have a service (a website) protected with CloudFlare Access, which means that whenever I try to access it, I see a login page (I have configured Google auth as the auth mechanism). This works exactly as expected from and end user point of view.

But whenever I try to curl my service from a server, the curl request gets redirected to cloudflareaccess.com

I’m aware that I can get an access token using “cloudflared access login” abd then inject that token in my curl command with the “cf-access-token” header, but this solution doesn’t scale.
I have quite some applications (in the same server) trying to access my website, and I can’t modify them all in order to inject that header. (ej: I can’t modify all my bash scripts using wget, I can’t modify all my django apps that use the “requests” module, etc…)

Is there any solution that would allow me to authenticate “the entire server”?

Mutual TLS , whitelist the IP or is this is on the same box modify DNS resolution so it doesn’t go out through Cloudflare and back in.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.