How to know which user has passed the "cloudflare access"

Scenario : I have config “cloudflare access” to protect my website with email+otp around 10 emails and tested successfully.

Then at my website I need to get email of “authenticated user” who accessing the website without re-authenticate them again. Is there a way ? like cookie or http headers ?


It’s included in the JWT sent to the origin. Example plugin consuming the JTW to authenticate into an existing application: cloudflare/cloudflare-access-for-atlassian: Authenticate Atlasssian products when using Cloudflare Access (

If you use integrate with OAuth or something other than email+otp it may include the jwt but in my solution , there is no jwt token or something else was pushed to my application.

You can try it your self by set “access” with only “email+otp” and inspect your raw http data.

Is there other way ? I don’t want to tightly integrate with my authen server. So i decided to use with email only

Using OTP I receive both


headers at the origin server.

1 Like

Thanks for your help, now I know why my things doesn’t work

I use “rules” to redirect the other domain, with 301 redirect so it doesn’t forward the cf* headers to that server (pipedream)

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.