Clloudflare One self-hosted Application Issue SSO

I hosted the ERPnext application on the domain “app-dot-domain-dot-com,” which includes a login page, I integrated this domain with Cloudflare Zero Trust in the “Applications” section inside the self-hosted application. Within Cloudflare, I enabled Single Sign-On (SSO) using Azure Active Directory (AD) login for that domain.

While the Azure AD authentication process worked successfully, I encountered an issue afterward. When attempting to log in to ERPnext, I provided my username and password, but I received an “invalid credential” error.

To address this issue, I removed my application from Cloudflare Zero Trust, and I was able to log in to the ERPnext page without any problems.

I’m seeking assistance in understanding the root cause of the login issue that occurred when Cloudflare Zero Trust was enabled.

Have you tried the test button to make sure that a user is supposed to have access? It could be the policy doesn’t allow access.

1 Like

So you are saying that this happens once you’ve authenticated through Cloudflare Access and attempted to perform second authentication on ERPnext login page, but you saw the invalid credential error?

@erictung Right!

@Cyb3r-Jak3 Yes, I tried the test button and was able to access the application but having an issue while logging in to the application. (Second login page of ERPNext)

Does he have rights to start the cloudflare App lauchner? I have similar issue. It works only, if the user has access to the launcher portal.

For your clearance,

I have an ERPNext app running on eg erpnext. com, and that application has a login page (1).

Before enabling Cloudflare SSO for that application, I’m able to login to the application.

However, after enabling SSO for the application, I encounter two login options:

  1. Azure AD SSO
  2. Application login page

I can successfully login using the Azure AD SSO page.

However, when I attempt to login to the Application login page, I receive an “Invalid credentials” error.

Thanks for the detail information. In fact it looks different to my issues. We have just local application published and nothing linked to another cloud.