Hey @tobi and @erictung .
I have the same issue when using email address on the policy, however, when using IP range, everything works fine.
I opened a ticket if you wish to take a look # 2450209
let me know if it can be escalated and/or if you have any questions.
Possibly related to @AnsRed’s issue - I also have access policies that are restricted solely by emails, and I use OTP to login. This morning I added a new email address to my user group and no emails are being sent when I request an OTP. I also tried adding the email address directly to the policy rather than through the group, and that didn’t help.
I can see the policy updates in the audit history showing the new address, but when I try “Test your policy setup”, most checks fail the following, even for existing email addresses for which OTPs are successfully sent:
Error testing your policy: access.api.error.invalid_user_id
When the policy tester doesn’t fail, it shows a denial for the newly-added address, and only the prior emails are displayed in the allow list.
Setting up new CF zero trust (free account). I have setup access groups, one time password auth, and some basic policy. Have installed CA certs on devices. I am unable to add devices, login to the teams site, or login warp via the team domain setup name.
On android device:
unable to find you access organization! page
On windows device:
entered team name appears invaild or there is no device policy set
By browser directly to to the teams url in setting xxxxxxx.cloudflareacess.com:
ever spinning circle.
What am I missing?
Cloudflare Access seems to be broken for me:
When adding another Identity Provider, I receive " Unable to find the requested identity provider!", when clicking on Test. I already tried multiple Identity Providers - same result.
When adding an application I receive “Unable to find your Access application!
It appears that you have attempted to reach an invalid URL. Please navigate to your application url.”
Even tho it is registered as an Access Application, an I get redirected to .cloudflareaccess.com
App Launcher cannot be accessed too. There I receive " Welcome back! Please contact your administrator to enable the Access App Launch on your account", even tho I am the super admin of this.
Also tried to set the access policies to allow everyone which did not change anything.
I have the exact same problem, spent 2 hours today trying to get it to work today. Same error messages. Authentication provider integration tests OK but get the same error messages as you. Something must be broken somewhere.
@MoreHelp - tryna escalating this…
Changing Team Domain does not solve the problem - accessing new Team Domain results in infinite loading… same as if you type something_that_does_not_exists.cloudflareaccess.com
Seems as reprovisioning of new team domain does not work either
Do you even get a Login Option? I tried to open it in an Incognito Tab. It instantly says that I have no access. Normally there should be a Login where you could authenticate…
Nope, no login prompt at all. Tried with different authentication methods, same result.
Do you have some specific steps to try and replicate this? Is this on newly created accounts or is it whenever you add an application?
My Account is old, nothing in my account works, not the app launcher, neither new nor old apps, even with changed team domain, then it cannot find access organization
I don’t seem to be able to confirm this. I can create new applications in the dashboard OK and App Launcher is working fine on my account.
Open a support ticket and include a HAR file, unlikely community members will be able to assist if it is a system issue
I’ve had my account for some months but it wasn’t until today I decided to try out Access. Kind of hard to know what to expect when setting things up for the first time so I’ve spent a lot of time looking for info on how to “…enable the Access App Launch on your account” as an admin.
When opening a support ticket as free planner it gets instantly resolved and they say post your issue here x-x
Seems there has to be an issue on the Cloudflare end.
Tried Access on a new account, registered team domain.
When accessing team domain: Infinite loading
When accessing Access Application: Unable to find your Access organization! It appears that you have attempted to reach an invalid URL. Please enter a valid team name.
I’m currently discussing the reported Access issues with Cloudflare Support to see if there may be a wider issue and will update here as appropriate.
I signed up for a free account at Cloudflare Zero Trust.
I tried to follow the instructions to change the DNS and DoH settings on my router but that didn’t seem to work in routing my traffic through Cloudflare automatically - all of the logs are empty and it says it doesn’t have any statistics for me in the Analytics page.
However, when I get to 126.96.36.199/help, it says that I am running DoH and connected properly:
However, that might be because earlier I used Cloudflare for Families DNS and DoH.
In order to set up DoH on my Mikrotik router, I deleted all DNS servers and set up DoH and added a static DNS entry for my Cloudflare DoH gateway pointing to its A record.
After failing to protect the traffic the agentless way (via DNS configuration of the router), I then proceeded to install the WARP client. However, both on my mobile device and my laptop when I try to log in I get to the following page:
So it looks like I am totally unable to get this to work. Could you please help me in resolving this issues? I’d prefer to get the local network to work first before moving further with the WARP method but any assistance would be appreciated.
Thank you for your help,
I’m currently discussing several reported Access/Teams issues with Cloudflare Support to see if there may be a wider issue and will update here as appropriate.