|Operating Systems||WARP mode required||Zero Trust plans|
|iOS, Android, ChromeOS||WARP with Gateway||All plans|
Cloudflare Zero Trust allows you to build Zero Trust rules based on device UUIDs supplied in an MDM file. You can create these rules so that access to applications is granted only to users connecting from company devices.
1. Assign UUIDs to devices
Generate a unique identifier for each corporate device. For best practices on choosing UUIDs, refer to the Android documentation.
Enter the UUIDs into your MDM configuration file using the
2. Create a list of UUIDs
To create rules based on device UUIDs, you first need to create a Gateway List of UUIDs.
In Zero Trust, go to My Team > Lists.
Select Create manual list or Upload CSV. For larger teams, we recommend uploading a CSV or using Cloudflare’s API endpoint.
Give your list a descriptive name, as this name will appear when configuring your policies.
Set List Type to Device IDs.
Enter the UUIDs of the devices your team manages, or upload your CSV file.
3. Enable the posture check
In Zero Trust, go to Settings > WARP Client.
Scroll down to WARP client checks and select Add new.
Select Unique Client ID.
You will be prompted for the following information:
- Name: Enter a unique name for this device posture check.
- Operating system: Select the operating system of the device.
- List: Select your list of UUIDs.
Verify that the posture check is returning the expected results.
You can now create an Access or Gateway device posture policy that checks if the device presents a UUID on your list.