Step 1: Create a new Application in your Okta dashboard. Go to Applications and click ‘Add Application’, then click ‘Create New App’.
Step 2: Select OpenID Connect as the application integration type.
Step 3: Name the application. In the Login redirect URIs field, enter your authorization domain followed by /cdn-cgi/access/callback. You can find your organization’s authorization domain in the Cloudflare dashboard. It begins with a subdomain unique to your organization, followed by the domain “cloudflareaccess.com” and then the callback path specified above. Click Save.
Step 4: Okta will show you your completed Application. Scroll down to the OpenID Connect Token section and click Edit.
Step 5: In the groups claim field, switch ‘Starts With’ to ‘Regex’ and set it to .* (a pattern that matches every group name). Click Save.
Step 6: Now select the General tab. Scroll down to copy your Client ID and Client Secret from the Okta dashboard. Paste them into the respective fields to the left of these instructions.
Step 7: In the Okta dashboard, click on Assignments for the Application.
Step 8: Now you can use the Cloudflare dashboard and specify which Okta groups and users should be allowed or denied access.
Step 9: Now click “Save and Test” on the Cloudflare dashboard to make sure your connection to the identity provider is successful.
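The two values that most often break this setup are the Login redirect URI and the groups claim. The following is an added example, not code from Okta or Cloudflare, that builds the redirect URI from an authorization domain and checks that an ID token carries a groups claim. The function names, the claim name "groups", the single-label subdomain pattern and the sample token are assumptions constructed for illustration.

```python
import base64, json, re
from urllib.parse import urlsplit

CALLBACK_PATH = "/cdn-cgi/access/callback"  # callback path from the redirect URI step
# Assumption: the organization-specific subdomain is a single DNS label.
AUTH_HOST = re.compile(r"[a-z0-9]([a-z0-9-]*[a-z0-9])?\.cloudflareaccess\.com")

def login_redirect_uri(auth_domain):
    """Build the Login redirect URI, accepting only a bare authorization domain."""
    raw = auth_domain.strip()
    parts = urlsplit(raw if "://" in raw else "https://" + raw)
    if parts.scheme != "https":
        raise ValueError("authorization domain must be https")
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        raise ValueError("pass only the domain, without a path or query")
    host = parts.netloc.lower()
    if not AUTH_HOST.fullmatch(host):  # also rejects ports, credentials, lookalikes
        raise ValueError("expected <subdomain>.cloudflareaccess.com")
    return "https://" + host + CALLBACK_PATH

def groups_in_id_token(id_token, claim="groups"):
    """Return the groups claim from an ID token payload.

    Inspection only: the signature is NOT verified here.
    """
    segments = id_token.split(".")
    if len(segments) != 3:
        raise ValueError("not a compact JWT")
    payload = segments[1] + "=" * (-len(segments[1]) % 4)  # restore padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    groups = claims.get(claim)
    if not isinstance(groups, list):
        raise ValueError("no '%s' claim: recheck the groups claim filter" % claim)
    return groups

def make_unsigned_token(claims):
    """Constructed sample token with a dummy signature, for offline testing."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256"}), enc(claims), "constructed-signature"])

# Constructed sample data, not a real token.
SAMPLE_ID_TOKEN = make_unsigned_token(
    {"sub": "user@example.com", "groups": ["Everyone", "Engineering"]})

if __name__ == "__main__":
    print(login_redirect_uri("example.cloudflareaccess.com"))
    print(groups_in_id_token(SAMPLE_ID_TOKEN))
```

If the groups claim is missing from a token obtained during a test login, group-based rules in the Cloudflare dashboard have nothing to match against.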