Cloudflare OIDC Integration
This document explains how to integrate MonoSign with Cloudflare for Single Sign-On. Before you continue, it is worth reading Cloudflare's own Single Sign-On implementation page first.
Cloudflare OIDC Settings
To configure the OIDC key on MonoSign for Cloudflare, you need several values provided by Cloudflare.
First, open the Cloudflare Zero Trust application.
Navigate to Settings > Login methods and click Add new to define a new login method.
Select OpenID Connect.
You will see OIDC Setup Page as in the image below.
For now, we will pause on the Cloudflare side and create a MonoSign application and its corresponding OpenId key using the information provided by Cloudflare.
Creating an Application and Access Key on MonoSign
Create your application on MonoSign and configure its access policy. Once it is created, click Keys, then Add New Key, to create an OpenId access key.
In the modal that opens, choose OpenId as the Key Type and click Save.
You will see your configuration for your OpenId access key as follows.
Configuring Single Sign-On for Cloudflare
We now return to the Cloudflare Zero Trust login method page where we left off in the first chapter. First, fill in the Name field as 'MonoSignOIDC'. Then fill in the remaining fields from the OpenId Access Key created on MonoSign. The fields map as follows.
| Field | Value |
|---|---|
| App ID | Client Id from the application OpenId key |
| Client secret | Client Secret from the application OpenId key |
| Auth URL | Auth Url from the application OpenId key |
| Token URL | Access Token Url from the application OpenId key |
| Certificate URL | JSON Web Key Set from the application OpenId key |
You can see an example of OIDC Settings below.
Click the Save button to create a Login method for OpenID Connect.
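Before saving, it is worth sanity-checking the values you are about to paste, since a wrong URL or a swapped Client Id / Client Secret only surfaces later as a failed Test. The script below is an added example, not MonoSign or Cloudflare code: it applies the field mapping from the table above to a constructed MonoSign key export (the JSON field names and the `sso.example.com` URLs are assumptions) and runs a few defensive checks on the result, including the shape of the JWKS document that the Certificate URL is expected to serve.

```python
"""Pre-flight check for values copied from a MonoSign OpenId key into a
Cloudflare Access OIDC login method.

Added example, not part of MonoSign or Cloudflare. Field names in
MONOSIGN_KEY are assumed to match the labels shown in the MonoSign key
modal; URLs and key material are constructed sample values.
"""
import json
from urllib.parse import urlparse

# Constructed sample of a MonoSign OpenId access key (assumed field labels).
MONOSIGN_KEY = {
    "Client Id": "monosign-cloudflare-app",
    "Client Secret": "CLIENT-SECRET-PLACEHOLDER",
    "Auth Url": "https://sso.example.com/oauth2/authorize",
    "Access Token Url": "https://sso.example.com/oauth2/token",
    "JSON Web Key Set": "https://sso.example.com/.well-known/jwks.json",
}

# Cloudflare field -> MonoSign field, exactly as in the mapping table above.
FIELD_MAP = {
    "App ID": "Client Id",
    "Client secret": "Client Secret",
    "Auth URL": "Auth Url",
    "Token URL": "Access Token Url",
    "Certificate URL": "JSON Web Key Set",
}

# Constructed sample of what the Certificate URL (JWKS endpoint) could return.
SAMPLE_JWKS = json.dumps({
    "keys": [
        {"kty": "RSA", "kid": "k1", "use": "sig", "alg": "RS256",
         "n": "sample-modulus", "e": "AQAB"}
    ]
})

URL_FIELDS = ("Auth URL", "Token URL", "Certificate URL")


def to_cloudflare_login_method(key):
    """Build the Cloudflare login-method values from a MonoSign key."""
    return {cf_field: key[ms_field] for cf_field, ms_field in FIELD_MAP.items()}


def check_login_method(cfg, jwks_json):
    """Return a list of problems found; an empty list means the values look sane."""
    problems = []

    # Every endpoint must be HTTPS: the token endpoint carries the client
    # secret and the JWKS endpoint is the trust anchor for ID tokens.
    for name in URL_FIELDS:
        parsed = urlparse(cfg[name])
        if parsed.scheme != "https" or not parsed.netloc:
            problems.append(f"{name} must be an absolute https URL")

    # All three endpoints should belong to the same identity provider host.
    hosts = {urlparse(cfg[name]).netloc for name in URL_FIELDS}
    if len(hosts) != 1:
        problems.append("Auth, Token and Certificate URLs point at different hosts")

    # Common copy/paste mistakes with the credential pair.
    if not cfg["App ID"] or not cfg["Client secret"]:
        problems.append("App ID and Client secret must both be filled in")
    elif cfg["App ID"] == cfg["Client secret"]:
        problems.append("Client secret equals App ID (fields swapped or duplicated?)")

    # The JWKS must offer at least one asymmetric signing key with a kid,
    # otherwise Cloudflare cannot select a key to verify MonoSign's ID tokens.
    try:
        keys = json.loads(jwks_json).get("keys", [])
    except (json.JSONDecodeError, AttributeError):
        problems.append("Certificate URL did not return a JSON object with 'keys'")
        return problems
    signing_keys = [k for k in keys
                    if k.get("use", "sig") == "sig" and k.get("kty") in ("RSA", "EC")]
    if not signing_keys:
        problems.append("JWKS contains no RSA/EC signing keys")
    if any("kid" not in k for k in signing_keys):
        problems.append("JWKS signing key is missing a 'kid'")
    return problems


if __name__ == "__main__":
    cloudflare_cfg = to_cloudflare_login_method(MONOSIGN_KEY)
    for field, value in cloudflare_cfg.items():
        print(f"{field:16} {value}")
    print("problems:", check_login_method(cloudflare_cfg, SAMPLE_JWKS) or "none")
```

In a real pre-flight you would fetch the JWKS document from the Certificate URL (for example with `urllib.request`) and pass its body in place of `SAMPLE_JWKS`; the checks are deliberately read-only and do not contact the token endpoint.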
You can test the OpenID Connect settings by clicking the Test button, which redirects you to the MonoSign login page.
If the process succeeds after you enter the user credentials, you will be redirected to the Cloudflare Access page showing the result of your test.
Next, you can test it end to end by going to https://<your-team-domain>.cloudflareaccess.com and choosing the MonoSignOIDC login method.