Cloudflare Access

Cloudflare Access provides authentication in front of any web resource — no code changes needed. Free for up to 50 users.

How it works

Cloudflare Access sits between the user and the resource. Before anyone can reach the site, they must authenticate via one of the configured identity providers (email OTP, Google, GitHub, etc.).

Setup

1. Enable Zero Trust

1. Log into Cloudflare Dashboard
2. Go to Zero Trust (in the sidebar)
3. Set up your Zero Trust organisation if you haven’t already

2. Create an Access application

1. Go to Access → Applications → Add an application
2. Choose Self-hosted
3. Configure:
   • Application name — e.g. “WAGE Docs”
   • Session duration — how long before re-auth (e.g. 24 hours)
   • Application domain — the domain/subdomain to protect (e.g. docs.yourdomain.com)

3. Create an Access policy

1. Policy name — e.g. “Team access”
2. Action — Allow
3. Include rules — choose who can access:
   • Emails — specific email addresses
   • Email domains — e.g. @yourdomain.com (anyone with that email domain)
   • Identity providers — Google, GitHub, etc.

4. Point your domain

Ensure the domain/subdomain in step 2 points to where your docs site is deployed (Cloudflare Pages, Netlify, Vercel, etc.).

Deploying the docs site behind Access

The recommended setup for this docs site:

1. Deploy to Cloudflare Pages (free, integrates natively with Access)
2. Set up a custom domain (e.g. docs.yourdomain.com)
3. Add a Cloudflare Access policy to protect that domain
4. Team members authenticate via email OTP or Google — no passwords to manage

Notes

• Cloudflare Access is free for up to 50 users
• Users authenticate once per session duration — not on every page load
• Access works with any deployment target, not just Cloudflare Pages
• You can create multiple policies for different levels of access