Shield API

We are trying out the Shield API feature. The feature works fine with backend API, but we were wondering if it’s possible for us to use it to protect frontend domains as well?

Right now if we enable Shield for frontend, we receive a page that notify us that the page is protected, without any prompt to select our certificates. Is there a way to enable the browser certificate prompt thus allowing users to access protected domain through their browser?

I believe that is what CF Access Mutual TLS Authentication is for on CF Enterprise plans

Appears to work for me with a browser, although possibly not the intent of the API shield.
Using Chrome + Windows 10 + Certificate in the windows store, private key on a Yubikey PIV.

This topic was automatically closed after 30 days. New replies are no longer allowed.