Cloudflare OIDC Integration

This document explains how to implement MonoSign with Cloudflare. It covers Single Sign-On. Before you continue, it is better to start with Cloudflare’s Single Sign-On implementation page.

Cloudflare OIDC Settings

To configure the OIDC key on MonoSign for Cloudflare, you need to have various information provided by Cloudflare.

First, go to Zero Trust Application.

CloudflarePanel.png
  • Navigate to Settings > Login methods and click Add new to define a new login method.

AddNewLoginMethod.png


  • Select the OpenID Connect

    SelectOIDC.png


You will see OIDC Setup Page as in the image below.

OIDCEmptSettingsPage.png


For now, we will stop here on the Cloudflare side and create a MonoSign application and corresponding OpenId key using the information provided by Cloudflare.

Creating an Application and Access Key on MonoSign

Create your application on MonoSign and configure your access policy. Once you create, click Keys and Add New Key to create an OpenId access key.

CreateSAMLKey.png


In the opened modal, choose OpenId as Key Type and click Save.

OpenId.png

You will see your configuration for your OpenId access key as follows.

OpenIdKeys.png

Configuration Single Sign-On for Cloudflare

We will move on to where we left off on the Cloudflare Zero Trust Authentication page mentioned in the first chapter. First, fill in the Name field as a ‘MonoSignOIDC'. Then, fill in the necessary fields according to the OpenId Access Key created on MonoSign. Correspondings of the fields are as below.

Field

Value

App ID

Client Id from the application OpenId key

Client secret

Client Secret from the application OpenId key

Auth URL

Auth Url from the application OpenId key

Token URL

Access Token Url from the application OpenId key

Certificate URL

JSON Web Key Set from the application OpenId key


You can see an example of OIDC Settings below.

Example.png


Click the Save button to create a Login method for OpenID Connect.

You can test OpenID Connect. Settings by clicking the Test button will redirect you to MonoSign Login Page.

resim-20220607-133035.png

If the process is successful after entering the user information, you will redirect to the Cloudflare Access page to the result of your test.

CleanShot 2022-06-08 at 10.28.24.png


Next, you can test it by going to https://<your-team-domain>.cloudflareaccess.com and choosing the MonoSignOIDC login method.

ChooseMonoSignOIDC.png