Generic OIDC

Step 1: If your are using an Identity Provider that is not listed, you can use our generic OpenID Connect(OIDC) connector.

Step 2: Visit your identity provider and copy the following fields:

  • Client ID and Client Secret: Create a client/app for Cloudflare Access and copy the client id and client secret value.
  • Auth URL: The authorization_endpoint URL of your IdP.
  • Token URL: The token_endpoint URL of your IdP.
  • Certificate URL: The jwks_uri endpoint of your IdP to get the keys used by the IdP to sign the tokens.

    The values above can be obtained from your identity provider’s OIDC discovery endpoint. Some providers call this the “well-known URL”.

Step 3: Give your Generic IdP a name of your choice by entering it in the Name field.

Step 4: In your IdP’s Authorized redirect URI field, put your authentication domain/cdn-cgi/access/callback URL.