Question about phases and rule execution

anders14 · February 24, 2025, 9:03am

What is the name of the domain?

nda

What is the issue you’re encountering

Unable to add custom header after Access headers are added

What steps have you taken to resolve the issue?

Reading docs

What are the steps to reproduce the issue?

I have a site protected by Access and want a custom header based on the headers that Access adds on all requests going to the site.

Create a request header modification rule.
Add a new header: X-Forwarded-User = http.request.headers[“cf-access-authenticated-user-email”][0]

This does not seem to work.

Reading the documentation it’s unclear if it is supposed to work.
Phases list · Cloudflare Ruleset Engine docs says “HTTP Request Header Modification Rules” are evaluated after “Cloudflare Access”, giving me the impression that this should work.
But on the Rules Overview page the “Traffic sequence” suggests it’s the other way around? Which is it? Can this work?

Screenshot of the error

ncano · February 25, 2025, 12:33pm

Access is called before HTTP Request Header Modification Rules phase, we’ll revisit the order in Traffic Sequence UI to make sure it is up-to-date.

However, despite the order of execution, Transform Rules will not be able to retrieve Access header currently, but you can still do this with Snippets or Workers: Create custom headers for Cloudflare Access-protected origins with Workers · Cloudflare Zero Trust docs.

system · February 27, 2025, 12:33pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Missing the permissions required to create zone rulesets in the http_request_late_transform phase Access	1	2086	December 15, 2022
Using header added by Request header Transform rule in WAF Security	3	434	May 16, 2024
Transform rule to add header based on hostname not applying Rules	4	940	September 17, 2023
Transformation rule creation Rules	0	718	May 29, 2023
Modify Headers With Workers Developers	3	1264	June 30, 2023