Tunnel returns 403 if I am logged in

Trying to expose an electron app running at my localhost:30000

If I try to create a new tunnel without credentials via cloudflared tunnel --url http://localhost:30000 with my config file removed it works flawlessly. It gives me a temporary url and I can see it is working just as intended.

However if I create a config file (currently in this condition):

tunnel: <tunnel-ID>
credentials-file: C:\Users\<username>\.cloudflared\<tunnel-ID>.json

ingress:
  - service: http://localhost:30000
    originRequest:
      noTLSVerify: true

I get a 403 Forbidden / cloudflare-nginx

Now I understand that this is probably something wrt my config file but can’t figure out and am losing my hair on it.

Additional info: No error message or anything in logs when I am accessing with the 403 error, no logs after Connection <some-id> registered connIndex=3 ip=<ip> location=<region>

So I believe I am getting connected but somehow my access is being blocked.

That 403 error typically means that something is getting messed up on the Cloudflare side. Do you have a ray ID for the requests? It can be submitted to Cloudflare, so they can debug on their side.

I don’t, I am not getting any other information except the 403 Forbidden / cloudflare-nginx

It does seem like I can access the files, but not the nodejs server routes, which is very weird.

if i recall correctly It seems you are missing your hostname here (and a required catchall rule too…) on which you want to access your app?
Try this and see if you still get the error?

ingress:
  - hostname: host.domain.xzy
    service: http://localhost:3000
       originRequest:
      noTLSVerify: true
  - service: http_status:404

PS: Have you tried the new aproach where you configure a tunnel via the dashboard, it takes out the work in fiddling with these config files

I tried the second config and I get the same issue, a 404 error.
I have tried the new dashboard only tunnel and also get 404.

However the only way when it works is when I create a logged out CLI tunnel where it gives me the randomly generated url.