WARP as an Access Authentication Method

Greetings from the Access team! I am excited to announce WARP as an Authentication Method in Cloudflare Access. This feature is available to all Zero Trust customers across all plans in an open beta.

This new feature allows users to authentication to access applications using their existing WARP Session. This works great for reducing the number of authentication popups users see and non-browser based flows like CURL or other CLI commands.

For more information please see: WARP sessions · Cloudflare Zero Trust docs

Let me know here if you have any questions or feedback!

1 Like

Hey access team. How is this different from setting an allow or bypass rule with require gateway, expect for warp session timeout?

Also, how does one limit access to applications to only certain users, when using warp as authentication method? Do normal access policy rules still apply (like allow only certain groups, roles or emails)?

Hey! So the big difference is that we’ll still issue a JWT specific to that user authenticating and enforce all Access identity policies. The auth functions exactly as if you’d auth’d through your IdP but instead uses the identity that’s cached in your WARP client’s connection.

1 Like

Many thanks for a fast reply. I like the idea of having to reauthenticate the warp session and tying that into SSO with everything else behind access. I’ll try it out with few existing access applications.