Configure an identity provider (recommended)
An identity provider (IdP) stores and manages users’ digital identities. You can integrate your existing identity provider with Cloudflare Zero Trust in order to manage user access to your private network. This requires configuration both in Cloudflare and with the identity provider itself.
To add an identity provider:
-
In Zero Trust, go to Settings > Authentication.
-
In the Login methods card, select Add new.
-
Select the identity provider you want to add.
If you do not see your identity provider listed, these providers can typically still be enabled. If they support OIDC or OAuth, select the generic OIDC option. If they support SAML, select the generic SAML option. Cloudflare supports all SAML and OIDC providers and can integrate with the majority of OAuth providers. If your provider supports both SAML and OIDC, we recommend OIDC for ease of configuration.
-
Fill in the necessary fields to set up your identity provider.
Each identity provider will have different required fields for you to fill in. Step-by-step instructions are shown in the dashboard side panel.
-
Once you have filled in the necessary fields, select Save.
Users will now be able to select this IdP when they are prompted to authenticate. To learn more about IdP configuration, refer to SSO integration.