What is the name of the domain?
What is the error number?
TBD
What is the error message?
HTTP/1.1 302 Found
What is the issue you’re encountering
Service Token not recognized for Cloudflare Access-protected WebDAV app — consistently receiving 302 redirects
What steps have you taken to resolve the issue?
Hello Cloudflare Community Support,
I’m encountering an issue where Cloudflare Access is not recognizing valid service tokens for a WebDAV application protected by Zero Trust. Despite following the documented steps for setting up Service Auth, the service token is never seen by Cloudflare, and all requests are redirected to the Access login portal.
Details:
Hostname: box.divergentix.com
Access Application Name: WG BoxDrive WebDAV
App Type: Self-hosted (WebDAV backend)
Origin: localhost:8080 (running Rclone WebDAV, verified working)
Access Policy: First in list; allows the token WebDAV Service Token
Manual Test: Token Headers Sent via curl
Response: Always HTTP/1.1 302 Found, redirected to Access login portal
Access Dashboard Status: Token always shows “Not Seen”
What I’ve confirmed:
WebDAV origin responds with 200 OK and correct credentials when tested locally
Token is created fresh and bound immediately to the policy
All Access features like justification and browser MFA are disabled
Policy is first in priority list and matches hostname
Expected Behavior:
Cloudflare should recognize the service token headers and allow headless access to the WebDAV origin without redirect.
Actual Behavior:
Cloudflare consistently redirects to login, and token shows “Not Seen Yet” in the dashboard, suggesting the token is never parsed or routed correctly.
Please advise whether this is a known issue with WebDAV + Service Tokens, or if there’s anything else required on the backend to enable token recognition in this setup.
Thank you!