Localhost on Docker cannot access our web services despite entering Cloudflare OTP

Zero Trust Access
1

We had our Cloudflare access setup to have a Login method using One-Time Pin. Everything works the way we want, wherein our colleagues can continue accessing our non-public servers from outside our company office as long as they provide their email for OTP verification.

However, we are using Docker to run the dev environment of our web applications on Windows OS. After entering their email and using the OTP, they are able to access our servers directly via browser and through Postman, but localhost running on Docker cannot access the servers through REST call. Upon reading the response from browser’s dev tools, it has a response code of 302 and tries to redirect to cloudflareaccess.com/cdn-cgi/access/login/

The temporary solution we did was to include the developer’s specific IP in the AllowedIP (bypass), but we always had to ensure we remove this at end of day.

So the question is, is there a way to allow our Dockerised localhost machines accessing web services under protection of Cloudflare OTP? Once we submit the OTP, our Dockerised localhost should also be able to access those web services.

2

:wave: @jelauria,

Not sure I entirely understand the issue, but perhaps this is what you are looking for?

https://developers.cloudflare.com/access/cli/connecting-from-cli/

or perhaps this

– OG

3

Hi @OliverGrant ,

Thank you so much for your response!
I think the Connecting from CLI you shared is the best solution we can apply for our situation.

We only had to apply a small code change in our application’s code to include the “cf-access-token” header in its curl requests if an environment variable exists.

We would have preferred not to apply any code change, but it seems this is our only option.
So once we acquire the token, we add it as environment variable to our container and it will do the trick.

Thank you!