Cloudflare Access allows you to integrate your SaaS products by acting as an identity aggregator, or proxy. This way, users cannot login to SaaS applications without first meeting the criteria you want to introduce.
1. Add your application
- In the Configure app section, select an application from the Application drop-down menu. If your application is not listed, type its name in the textbox and select it.
In the Entity ID field, provide the unique identifier of your SaaS application. SaaS applications store this information in different ways.
In the Assertion Consumer Service URL field, input the service provider’s endpoint for receiving and parsing SAML assertions.
Scroll down to the Application logo card to choose a logo that will represent the application in the App Launcher and in the Applications page. You can either:
- Select Default if you want to show the SaaS application’s logo.
- Select Custom if you want to assign a custom logo to the application.
Next, scroll down to the Identity Providers card to select the identity providers you want to enable for your app.
2. Add a policy
You can now configure a policy to control who can access your app.
- First, specify a name for your rule. This is a mandatory field.
- Specify a policy action.
- Specify one or more rules in the Configure a rule box. You can add as many include, exception, or require statements as needed.
- Click Next to add your application to Access.
3. Integrate your SaaS application with Access
Before you begin using your application through Access, your last step is to integrate your SaaS application to Access.
- First, configure these fields with your SAML SSO-compliant application. Take note of these fields before you click Done:
- Click Done to see your application listed on your Applications tab.