I have an Android app that I would like to authenticate using Cloudflare’s “Access” feature. Within the application you enter specific URLs that will take back to a server within my network. If I protect the application with the “Access” feature the application has no way to verify credentials via an identity provider. Is there any method I can use to make this work?
You might be able to use Mutual TLS or Signed requests.
https://developers.cloudflare.com/workers/archive/recipes/signed-requests/
It appears “Mutual TLS Authentication” might do the trick. In the article you provided it stated “Mutual TLS authentication (mTLS) through Cloudflare Access requires additional account permissions. If you are interested in enforcing mTLS authentication in your application with Access, please contact your Customer Success Manager.” I’m currently using a free Cloudflare account, do I have access to a “Customer Success Manager”?
I didn’t want to start a new thread, but I am also looking into mTLS for a similar reason. Again, I don’t have a “Customer Success Manager” however I am happy to pay $5 to $20 a month for accessing this feature.
How do I go about getting permissions?
Bump
Looking for the same functionality. I’ve implemented Access with an identity provider, but also have services that need to be accessed by a variety of Android apps behind the Access wall. I imagine that mTLS is reserved for higher-tier customers beyond the free level, but it’d be nice to have clarification on that as I would foresee that to be the only correct and good way to go about securing that access for apps on mobile hardware.
This topic was automatically closed after 30 days. New replies are no longer allowed.