I’m currently using:
- GH as idp setup for Cloudflare zero trust team’s access and only allowed my gh’s user email to login/access the application behind Cloudflare zero trust (currently running cf tunnel)
- Also, my user has to log in to Cloudflare zero trust using the warp client with the gh sso using the only email address specified and only then I can access the application
- It is actually an ssh application (running on ec2 instance) and cloudflared daemon is running on the same ssh server.
- The process of accessing the machine via rendering it in browser terminal is working fine but there is a problem as per my understanding.
What is working:
- As soon as I disconnect the warp client, I cannot connect to application - this is expected and working as per my purpose
And it is as follows:
What is not working or what I am trying to achieve:
- As soon as I reload a tab, the authentication should be prompted again → that is → login to the gh’s sso again and access the application
- As soon as I try to access the same domain (on which application is running) - It asks me to log in to the application again
I’ve tried with session duration at token level and application session duration but nothing seemed to be working.
I also tried looking into CORS settings and cookie settings at application level, but I just can’t figure it out.
Is it possible or not to achieve this^?