Restrict access to certain end points

What is the name of the domain?

www.myapp.com

What is the issue you’re encountering

I need to restrict access to few end points

What steps have you taken to resolve the issue?

I tried looking at documentation but I don’t find the document related to how will I achieve this

What feature, service or problem is this related to?

I don’t know

What are the steps to reproduce the issue?

I have a website, www.myapp.com, with the domain registered in Cloudflare. I’ve deployed a Cloudflare tunnel and would now like to conduct some tests. Specifically, I want to configure access so that certain endpoints are publicly accessible while others remain private. For example, www.myapp.com/public should be accessible to everyone, while www.myapp.com/private should be restricted and only accessible through the Cloudflare tunnel VPN, with authentication via Gmail or Azure AD login. Additionally, I have other endpoints where I’d like to apply similar rules, making some public and keeping others private. Could you provide guidance on how this can be achieved and share any useful documentation?

I’d suggest you to use Zero Trust for Access your application.
Add your application (domain, path …), therefore configure your Access policy for such path of the application. You can then connect and allow only the specific emails/3rd-party identity provider (MO365, etc.) tenants, or add enroll users/registered devices (endpoints?) via WARP setup on them to be able to acces it.

You could just use the Access for your case. Therefore, only specific users (e.g. if they have access to their email, add them to the allowed list) would be able to access it (no matter which device) via One-time PIN/MO365.

Helpful articles: