Single Sign On with Authentik for your services behind Cloudflare Zero Trust

Update Dec 25, 2024: steps updated for Authentik release 2024.12.1

Assumptions:

You will need to find the name of your Cloudflare team:

In Authentik create a new provider:

Click Finish.

IMPORTANT: If you don’t choose the signing key, you will likely get the error “Failed to fetch user/group information from the identity provider”.
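One way to check for the missing signing key before testing the login, as an added example that is not part of the original post: it inspects an OIDC discovery document and JWKS and reports why a relying party such as Cloudflare could not verify ID tokens. It assumes that a provider with no signing key selected advertises only a symmetric algorithm and publishes no asymmetric key; the sample documents, the issuer path and the function names are constructed for illustration.

```python
# Added example: offline check of an OIDC provider's published signing keys.
# Field names follow OIDC Discovery and RFC 7517; the samples are constructed.

REQUIRED_MEMBERS = {"RSA": ("n", "e"), "EC": ("crv", "x", "y")}


def public_signing_keys(jwks):
    """Return the kid of every asymmetric key usable to verify signatures."""
    kids = []
    for key in jwks.get("keys", []):
        required = REQUIRED_MEMBERS.get(key.get("kty"))
        if required is None:                # e.g. "oct": symmetric, not verifiable by a third party
            continue
        if key.get("use", "sig") != "sig":  # encryption-only keys cannot verify tokens
            continue
        if all(key.get(member) for member in required):
            kids.append(key.get("kid", "<no kid>"))
    return kids


def diagnose(discovery, jwks):
    """List reasons a relying party could not verify ID tokens from this provider."""
    problems = []
    if not discovery.get("jwks_uri"):
        problems.append("discovery document has no jwks_uri")
    algs = discovery.get("id_token_signing_alg_values_supported", [])
    if not any(alg[:2] in ("RS", "ES", "PS", "Ed") for alg in algs):
        problems.append(f"no asymmetric ID token algorithm advertised: {algs}")
    if not public_signing_keys(jwks):
        problems.append("JWKS publishes no asymmetric signing key")
    return problems


# Constructed samples (not captured from a real deployment; the path is hypothetical).
BASE = "https://auth.example.com/hypothetical-provider-path/"
NO_KEY = ({"issuer": BASE, "jwks_uri": BASE + "jwks/",
           "id_token_signing_alg_values_supported": ["HS256"]},
          {"keys": []})
WITH_KEY = (dict(NO_KEY[0], id_token_signing_alg_values_supported=["RS256"]),
            {"keys": [{"kty": "RSA", "use": "sig", "alg": "RS256",
                       "kid": "constructed-kid", "n": "constructed-modulus", "e": "AQAB"}]})

if __name__ == "__main__":
    for name, (disc, jwks) in (("no signing key", NO_KEY), ("signing key set", WITH_KEY)):
        print(name, "->", diagnose(disc, jwks) or "ok")
```

To run it against a real provider, save the discovery document and the document at its `jwks_uri` as JSON and pass the parsed objects to `diagnose`.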

NOTE: At this point, the provider gives a warning “Provider not assigned to any application”. Let’s take care of that now.

Still in Authentik, go to Applications > Applications:

Click “Create”.

In Cloudflare Zero Trust.

Choose your account.

Create an identity provider:

Still in Cloudflare Zero Trust, create an application:

Go to your website. You will be redirected to Authentik, to a URL like https://auth.example.com/if/flow/default-authentication-flow/...

If not already authenticated in Authentik, do so.

You can now see your website. Your website is now secure!




Thanks for reading this post!

