Skip to content
Cloudflare for Teams
Visit Cloudflare for Teams on GitHub
Set theme to dark (⇧+D)

Cloudflare dashboard SSO application

By adding a Dashboard SSO application to your Cloudflare Teams account, you can enforce single sign-on (SSO) to the Cloudflare dashboard with the identity provider (IdP) of your choice.

Set up dashboard SSO

Step 1 — Launch Cloudflare for Teams

To log into Cloudflare for Teams directly, go to the Teams dashboard and select your account.

To log in through the Cloudflare dashboard:

  1. Log in to the Cloudflare dashboard.
  2. Select an account and an application.
  3. Navigate to Access.
  4. Select Launch Teams.
  5. Select your account.

Step 2 — Set up an IdP

Configure an IdP following our detailed instructions.

Once you configure your IdP, make sure you also test your IdP.

Step 3 — Contact your account team

Ask your account team to approve your SSO domain.

Step 4 (optional) — Customize your SSO application

Once your account team has approved your SSO domain, you will see an SSO App in the Teams dashboard (under Access > Applications). This application automatically has a rule to allow email domain and uses your IdP as the authentication provider.

If you have multiple IdPs, manage your allowed providers in the Authentication tab of the SSO App.

You likely will not have to make additional policies (IP access lists, etc.), but if you do refer to Zero Trust policies.

Step 5 — Test and enable your application

To test and enable your SSO application:

  1. Log into the Teams dashboard.

  2. Navigate to Settings > Authentication.

  3. In the Cloudflare dashboard SSO section, find your email domain.

  4. Set the toggle value to Enabled.

  5. Do not log out or close your browser window. Instead, open a different browser or an incognito window.

  6. Navigate to the Cloudflare dashboard and log in with your email address from your SSO domain.

  7. If you can login successfully, you have successfully set up your SSO application.

  8. If you cannot login successfully:

    1. Return to the the Teams dashboard.
    2. For Cloudflare dashboard SSO, set your email domain to Disabled.
    3. Re-configure your IdP.