Worker auth with Zero Trust

evan.stevens · February 8, 2023, 11:29pm

I would like my worker to check if someone is authenticated with zero trust or Azure SAML. Has anyone seen any documentation or examples of doing this?

Here’s what I’m thinking:

We have a maintenance page process where our worker will serve up static content when we wish to stop traffic to our origin servers. We would like to add a log in button to the content that will allow the visitor to authenticate with zero trust. Afterward, the worker would no longer serve the static content.

There seems to be some JWT handling Cloudflare Access: now for SaaS apps, too but I’m not quite connecting the dots.

Thanks!

cscharff · February 9, 2023, 12:03am

So JWT parsing example here: GitHub - tsndr/cloudflare-worker-jwt: A lightweight JWT implementation with ZERO dependencies for Cloudflare Workers.
Ip whitelisting example here; Cloudflare: How to show a maintenance page but continue traffic to origin server from whitelisted IPs

If this is for tech savvy users another (simpler?) strategy might be to use blue green deployments: GitHub - DigitalOptimizationGroup/blue-green-cloudflare-workers: Blue / Green Deployments for Cloudflare Workers

If you’re feeling ambitious a combination of the above in some fashion is what you might be looking for.

evan.stevens · February 10, 2023, 6:23pm

Thanks for the suggestions! I was hoping for a native API but JWT will work.