How to to exclude one url from Zero trust access?

First all great product! I love Cloudflare!

I was wondering how I could protect an url with Cloudflare zero trust access but exclude one deeper laying url?

For example:
login,domain,com should be protected
but login,domain,com/include_this_js_in_your_website.js should be excluded. Because it should be embedded somewhere in a website and so end-users will need to load this js.

You need to create a new application, for that specific URL, with a Bypass Everyone rule.

1 Like

Hi Matteo,

Thanks for your answer. I’ve tried that but then I get the sign-in screen when I browse to: login,domain,com/include_this_js_in_to_your_website.js

When I first add the application with the “allow for everyone” on “login,domain,com/include_this_js_in_to_your_website.js” and “Show this app in App Launcher” it works but from the moment I add the second application to protect “login,domain,com” I get the sign-in page. Also on “login,domain,com/include_this_js_in_to_your_website.js”