Connecting SaaS Applications
Cloudflare Access allows you to integrate your SaaS products by acting as an identity aggregator, or proxy. This way, we ensure that users cannot login to SaaS applications without first meeting the criteria you want to introduce.
1. Add and configure your app
Navigate to the Applications tab on the Teams dashboard.
Click Add an application.
Select SaaS.
- In the Configure app section, select an application from the Application drop-down menu.
If your app is not listed, type its name in the textbox and select it.
In the Entity ID field, provide the unique identifier of your SaaS application. SaaS applications store this information in different ways.
In the Assertion Consumer Service URL field, input the service provider’s endpoint for receiving and parsing SAML assertions.
Scroll down to the Application logo card to choose a logo that will represent the app in the App Launcher and in the Applications page. You can either:
- Select Default if you want the SaaS application’s logo to show.
- Select Custom if you want to assign a custom logo to the application.
- Next, scroll down to the Identity Providers card to select the identity providers you want to enable for your app.
- Click Next.
2. Add rules for your app
The Add rules step lets you configure rules to control who can access your app.
First, specify a Rule name.
Specify a Rule action. By specifying an action, you define how this rule protects your application. You can set up a rule to either block, allow, or bypass certain users or user categories.
In the Configure a rule card, you can add rules to define which users or user categories are affected. You can add rules of the following types:
- Include
- Exclude
- Require
Click Next.
By clicking Next, you will add your application to Access.
3. Integrate your SaaS app with Access
To begin using your application through Access, your last step is to integrate your SaaS application to Access. You can do so by configuring:
Your SSO endpoint
Your Access Entity ID or Issuer
Your Public key
with your SAML SSO-compliant application.
Take note of these fields before you click
Done
.
- Click Done to see your application listed on your Applications tab.