Zero Trust Authentication (Access) - yubikey

Stop: Is this post about the product “Cloudflare Access”?
So I’ve just picked up my shiny new yubikeys and added them to my Cloudflare authentication. Easy as.

But a use case I have, it for sites protected by Cloudflare access, I currently only have One Time Code as the available authentication methods…I’d like to add the yubikey to that. What method do I need to add? I was hoping to not need an external platform like google or github. But could if needed.

You do. Yubikey is 2FA, not a login.

And within Access, you can require SSO to include MFA, but only for a few SSO providers:

1 Like

Hey I’m in the same boat. Shiny yubi’s just falling all over me. I’ve added it as an authentication method for my “Cloudflare Proper” dash (You know, where you make DNS entries and workers and stuff). I am also using Zero Trust to publish some self-hosted applications for personal use. I’d like to enforce using one of my registered keys to access the applications.
So based on the reply above me does that mean I’d specify another login provider that I currently use (like Github?) and leverage their 2FA implementation of Yubikeys?

I used GitHub. And just set restrictions around tb ename of the for hub/email to the email I use for my GitHub account.

Wasn’t ideal, but was probably the with provider I trusted the most