Skip to content

Require WARP

Cloudflare Zero Trust enables you to restrict access to your applications to devices running the Cloudflare WARP client. This allows you to flexibly ensure that a user's traffic is secure and encrypted before allowing access to a resource protected behind Cloudflare Zero Trust.

Prerequisites

  • Cloudflare WARP client is deployed on the device. For a list of supported modes and operating systems, refer to WARP Client Checks.

1. Enable the WARP check

  1. In Zero Trust, go to Settings > Network.
  2. Ensure that Proxy is enabled.
  3. Go to Settings > WARP Client.
  4. In WARP client checks, select Add new.
  5. Select WARP, then select Save.

2. Add the check to an Access policy

  1. In Zero Trust, go to Access > Applications.

  2. Locate the application for which you want to require WARP. Select Configure.

  3. In the Policies tab, create a new Access policy or edit an existing policy.

  4. In the policy builder, add an Include or Require rule which uses the WARP selector. Save the policy.

  5. Save the Access application.

Before granting access to the application, the policy will check that the device is running the WARP client.