CF_Authorization cookie not accessible on mobile

Hi everyone,

I have an app protected with Cloudflare Zero Trust/Access using Facebook as the main identity provider but having some issues with mobile users.

The app is primarily written in PHP running on Apache and I have been able to access the CF_Authorization no problem with users on desktop, however, mobile users do not seem to be passing the cookie to the web server (PHP errors report that CF_Authorization cookie does not exist) so I am having a tough time authenticating requests.

Not sure if it’s related, but the /cdn-cgi/access/logout URL also doesn’t work on mobile but it does work on desktop.

I have mainly tested this on Safari using iOS 16.1.1.

Any advice would be much appreciated. Thanks!

Try adding urls that don’t work to this website: https://search.google.com/test/mobile-friendly

Sorry if this is a newbie question, but if my app is behind Cloudflare, how can that test access it without authenticating? When I run it against my app URL, it returns an error “URL is not available to Google”

Try testing the code of the webpage instead (if you have access)
Otherwise you might have to contact support.

Ok thanks, I can try to make a copy on a different URL and try to validate the site first.

There is an option to add code directly