Use Azure AD Conditional Access policies in Cloudflare Access
With Azure Active Directory (AD)’s , administrators can enforce policies on applications and users directly in Azure AD. Conditional Access has a set of checks that are specialized to Windows and are often preferred by organizations with Windows power users.
- Global admin rights to an Azure AD account
- Configured users in the Azure AD account
1. Set up an identity provider for your application
We suggest naming the IdP integration after the target application, for example
Azure AD - Customer management portal.
2. Configure Conditional Access in Azure AD
In Azure Active Directory, go to App registrations and select the application you created for the IdP integration.
Go to Branding & properties.
In Home page URL, enter the hostname of the protected application.
Return to the Azure Active Directory dashboard and go to Enterprise applications.
Select your application.
Create and enable any additional policies for your application.
3. Create an Access application
To enforce your Conditional Access policies on a Cloudflare Access application:
In Application domain, enter the target URL of the protected application.
For Identity providers, select only the IdP integration that was configured for this application. This limits which IdPs are shown to the user.
- Finally, create an to require logins from the selected IdP. For example:
Action Rule type Selector Value Allow Include Emails ending in
Require Login methods
Azure AD • Azure AD - Customer management portal
Users will only be allowed access if they meet the criteria in your Azure AD Conditional Access policies.
You can reuse the same IdP integration for multiple applications as long as they require the same set of Conditional Access policies. For example, you could design a baseline IdP integration with a Conditional Access policy requiring MFA and a modern auth client. If an application requires special Conditional Access policies, you would need to set up a dedicated IdP instance for that application.