Cloudflare Access Applications not able to communicate

Currently, we have two zero trust applications set up on two different subdomains, one front-end app and the other is an API. Access to each of these individually works just fine but the front-end app can’t call the API since all requests are redirected to the Cloudflare authentication screen.

I have tried every possible combination of CORS settings and even set up Google SSO but can’t seem to get API calls from the frontend app to be authed when communicating with the API app. Is this currently even possible using Cloudflare Zero Trust applications?

You use Service Tokens in headers for automated traffic to get past Cloudflare Access.

https://developers.cloudflare.com/cloudflare-one/identity/service-auth/service-tokens/

Exactly what I was looking for. Thanks

1 Like