Cloudflare dashboard SSO application
By adding a Dashboard SSO application to your Cloudflare Zero Trust account, you can enforce single sign-on (SSO) to the Cloudflare dashboard with the identity provider (IdP) of your choice.
Once you have configured SSO, every user that wants to login with Dashboard SSO will need to exist as a member in your Cloudflare account and IdP. If there is no Cloudflare member account for this user, the request will not forward the authentication phase to the IdP. Refer to for information on adding users to your Cloudflare account.
Set up dashboard SSO
Step 1 — Launch Cloudflare Zero Trust
To log in through the Cloudflare dashboard:
Step 2 — Set up an IdP
Step 3 — Contact your account team
Ask your account team to approve and create your SSO domain. The SSO domain can be configured for multiple email domains associated with the members in your Cloudflare account. For example, if your SSO domain is configured for emails ending in
@example.com, a member with email
@test.com would not see the Log in with SSO option and would have to enter their username and password.
Step 4 — Test and enable your application
To test and enable your SSO application:
Navigate to Settings > Authentication.
In the Cloudflare dashboard SSO section, find your email domain.
Set the toggle value to Enabled. This action can only be performed by Account Super Administrators.
Do not log out or close your browser window. Instead, open a different browser or an incognito window.
If you can log in successfully, you have successfully set up your SSO application.
If you cannot log in successfully: