Require corporate devices
You can use Cloudflare Access to require team members to connect to self-hosted or SaaS applications from a device that your team owns or manages.
🗺️ This walkthrough covers how to:
- Create or upload a list of devices in your inventory
- Deploy the Cloudflare WARP client to collect device information
- Build a Zero Trust policy that requires users to connect from devices in your inventory
⏲️Time to complete:
Create or upload a list of devices
Go to My Team > Lists.
Click Create manual list. You can also upload a CSV list.
Give your list a name and choose
Serial numbersfrom the List type field.
Input the serial numbers of the devices your team manages. For larger teams, we recommend uploading a CSV or using Cloudflare's API endpoint. Click Save.
Once saved, the serial number list will appear in your list view.
Deploy Cloudflare WARP
Cloudflare Access relies on the Cloudflare for Teams client, WARP, to gather the serial number of a device attempting to reach a policy.
Build a Zero Trust policy
You can now add this corporate device requirement to existing or new applications.
To add to an existing application, choose the specific resource from the Applications page in the Access section of the sidebar. Click Edit.
Select the Rules tab and edit the existing rule in place.
Requirerule and choose
Device Posture - Serial Number Listfrom the drop down menu. Choose the list of devices to require and click Save rule.
Once saved, any device attempting to reach the application in this example will both need to be in the
@cloudflare.com domain and connecting from a device that uses Cloudflare WARP and presents a serial number in the list created.