Cloudflare Zero Tunnel Bypass API URL

Greetings,

I am protecting websites behind the Cloudflare tunnel/application menu in Cloudflare Zero.

For one application, I would like to continue to prompt for requiring a signin using the settings in the Application section, however I would like to ignore these settings for HTTP requests to something like domain[.]com/api - so that no login prompts are generated by Cloudflare to this path.

I am not sure how to go about doing this though.

You can do that if:

a) It’s only HTTP (no SSL)
b) Both HTTP and HTTPS but installing the provided certificate for TLS decryption.

Create a policy rule for /api with an action of bypass and apply to everyone with no auth method.

https://developers.cloudflare.com/cloudflare-one/policies/access/#:~:text=​​%20Bypass,is%20always%20asked%20to%20authenticate.

3 Likes