Cloudflared Access - How to Clear Login Info

albert7 · March 15, 2023, 3:52am

Hi All,

I have setup a Cloudflare Tunnel and add and TCP application to access our internal database. We are using this command : cloudflared access tcp --hostname internal-mysql.company.com --url localhost:3306.

When it ran for the first time, there will be a pop up in the browser tab and there is two possibilities , correct me if I am wrong :

If we have already login into Cloudflare, we will be shown Approve or Deny
If we don’t login to Cloudflare, we will be redirected to a page where we can enter our email address and we will get an OTP.

After that, I can connect to my internal database using localhost:3306. But next time when I run this command again : cloudflared access tcp --hostname internal-mysql.company.com --url localhost:3306, I don’t need to authenticate anymore. My question is : is there any way to logout/invalidate the login token? so for every new cloudflared session, we need to authenticate again.

Please advise. Thank you.

Regards,
Albert

Cyb3r-Jak3 · March 15, 2023, 9:04pm

Have you tried dropping the session duration for the access application? There is an option to expire immediately, which sounds like it might do what you want.

erictung · March 18, 2023, 3:33am

Assume that you are using Windows, I have a batch script to delete the entire .cloudflared folder within the user profile folder since it contains the session token:

del /S /Q "%USERPROFILE%/.cloudflared/"

However I think @Cyb3r-Jak3 answer is spot on.