Cloudflare dashboard SSO application
By adding a Dashboard SSO application to your Cloudflare Zero Trust account, you can enforce single sign-on (SSO) to the Cloudflare dashboard with the identity provider (IdP) of your choice.
Once you have configured SSO, every user that wants to login with Dashboard SSO will need to also be a Cloudflare user. If the account does not exist, the request will not forward the authentication phase to the Identity Provider. Refer to Managing Cloudflare account access for information on adding users to your Cloudflare account.
Set up dashboard SSO
Step 1 — Launch Cloudflare Zero Trust
To log in to Cloudflare Zero Trust directly, go to the Zero Trust dashboard and select your account.
To log in through the Cloudflare dashboard:
- Log in to the Cloudflare dashboard.
- Log in to the Zero Trust dashboard.
Step 2 — Set up an IdP
Configure an IdP following our detailed instructions.
Once you configure your IdP, make sure you also test your IdP.
Step 3 — Contact your account team
Ask your account team to approve your SSO domain.
Step 4 — Test and enable your application
To test and enable your SSO application:
Log in to the Zero Trust dashboard.
Navigate to Settings > Authentication.
In the Cloudflare dashboard SSO section, find your email domain.
Set the toggle value to Enabled. This action can only be performed by Account Super Administrators.
Do not log out or close your browser window. Instead, open a different browser or an incognito window.
Navigate to the Cloudflare dashboard and log in with your email address from your SSO domain.
If you can log in successfully, you have successfully set up your SSO application.
If you cannot log in successfully:
- Return to the Zero Trust dashboard.
- For Cloudflare dashboard SSO, set your email domain to Disabled.
- Re-configure your IdP.