Cloudflare SAML setup

Getting started

  1. Log in to Cloudflare and go to Zero Trust.
  2. Select Applications and click Add an application.

Creating a new application

  1. Enter the name for the application (e.g. Trelica).
  2. Choose SAML.
  3. Click Add application.

You now need to collect some information from Trelica to enter into Cloudflare.

In a separate tab, log in to Trelica and go to Admin > Settings > Users and scroll down to the Single Sign-On (SSO) section:

  1. Paste the Trelica SAML Entity ID into the Cloudflare Entity ID field.
  2. Paste the Trelica SAML Assertion Consumer Service (ACS) URL into the Cloudflare Assertion Consumer Service URL.
  3. Select Email as the Name ID Format in Cloudflare.

You now need to enter some Cloudflare information into Trelica.

Click on the New button in the SAML providers section of the Trelica user settings page.

  1. Select Url and certificate for the Metadata type.
  2. Paste the Cloudflare SSO endpoint value into the Trelica Identity provider single sign on URL field. 
  3. Paste the Cloudflare Access Entity ID or Issuer value into the Trelica Identity Provider issuer field.
  4. Finally, copy the Cloudflare Public key value. This lacks the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- headers that Trelica expects, so add them and paste the Cloudflare key on a new line in between:
    -----BEGIN CERTIFICATE-----
    <paste here>
    -----END CERTIFICATE-----
  5. Click Save in Trelica.

Complete the configuration in Cloudflare

  1. Set up SAML attribute statements if required - these will pass through the user's name when new users log in to Trelica. The values Trelica expects are given_name and family_name.
  2. Complete any other Cloudflare configuration, e.g. uploading a logo.

    The URL for a suitable logo is:

  3. Click Save application at the bottom and then apply the necessary Cloudflare access policy or group.
  4. Click Done.
