Cloudflare offers support for gRPC to protect your APIs on any . The gRPC protocol helps build efficient APIs with smaller payloads for reduced bandwidth usage, decreased latency, and faster implementations.
Running gRPC traffic on Cloudflare is compatible with most Cloudflare products.
However, the following products have limited capabilities with gRPC requests:
- The will only run for header inspection during the connection phase. WAF Managed Rules will not run on the content of a gRPC stream.
- currently does not support gRPC.
- does not support gRPC traffic sent through Cloudflare’s reverse proxy. gRPC traffic will be ignored by Access if gRPC is enabled in Cloudflare. We recommend disabling gRPC for any sensitive origin servers protected by Access or enabling another means of authenticating gRPC traffic to your origin servers.
- Your gRPC endpoint must listen on port 443.
- Your gRPC endpoint must support TLS and HTTP/2.
- HTTP/2 must be advertised over ALPN.
application/grpc+<message type(for example:
application/grpc+proto) for the Content-Type header of gRPC requests.
- Make sure that the hostname that hosts your gRPC endpoint: - Is set to - Uses at least the .
To change the gRPC setting in the dashboard: