I was able to successfully get Cloudflare Access working for my site which connects to a locally hosted Home Assistant instance. Home Assistant allows API access from different apps for status and presence updates via a domain/api/ call. Unfortunately, Cloudflare Access breaks this.
How can I make web traffic go through Cloudflare Access to my website to view the Home Assistant front end, requiring Google or whatever authentication I need through Cloudflare Access, then let domain/api traffic go through without addition authentication? Same address, only difference is /api/xxxxxxx
The site still has its own authentication password so there isn’t really an unsecured path, just not as secure for api calls.