Login to Cloudflare Zero Trust, Forbidden

I’ve currently setup a tunnel that allows be to connect to applications on my domain foo, such as bar.foo.com and this works perfectly. I’m now trying to setup the Warp client on my phone as some app I want to use services on my home network don’t support Cloudflares authentication as an existing layer between it and the backend, as such if I understand correctly I should be able to set up the WARP client, and use that to connect to these services without the extra auth step.

When I try to Login to Cloudflare Zero Trust in the Android app, I get the error ‘Forbidden, You do not have permission to view this page’ when it attempts to access https://teamname.cloudflareaccess.com/warp.

I tracked down the root cause of this to the Device enrollment permissions, and if I change this to include Everyone, it’s possible to login`. For the permissions I include a group (which is the same as I use for authenticating via the tunnel when accessing via bar.foo.com), which is setup as

Include [email protected], [email protected]
Require Login Method Google

What is wrong with this setup?


Turns out the group policy wasn’t actually selected :roll_eyes: