Question about user authentication

I have just started with Cloudflare tunnel to provide access to some internal resources on my home network.
I am struggeling a bit with the right kind of user authentication.

I have set up an application in the zero trust dasboard.
I’d very much prefer the google authentication. (I don’t have a workspace account).
The way I have set it up - everyone with a google login can access my website. And I wan’t to restrict the access to a small number ob people.
I have tried to add a policy with the addiotional rule to include only specipic gmail adresses - but it seems as this approach is not working.

Is it just not possible a all? Or am I doing it wrong?

What else would you use to restict access to a limited group of people?

I have tried to add a

I have tried this rule:

Which should block everyone except my email. I use the google authentication - but the access still gets blocked.