If you use Cloudflare to centralize authentication and authorization in your business, you can integrate Kinde as a service provider for these processes. This gives you the benefits of Kinde’s robust auth capabilities, while keeping the familiar Cloudflare structure.
You need to set up an enterprise connection in Kinde for this, and add a Cloudflare application. See steps below.
- In Kinde, go to Settings > Authentication.
- In the Enterprise connections section, select Add connections.
- In the window that appears, select Cloudflare and then select Save. The connection is added.
- On the connection you just created, select Configure.
- Enter a random string value for Entity ID, for example 870sa9fbasfasdas23aghkhc12zasfnasd.
- Complete any optional fields you want, including Entity ID, and key attributes. You’ll add the IdP Metadata URL later.
- Enter Home realm domains. This speeds up the sign in process for users of those domains. Note that all home realm domains must be unique across all connections in an environment. For more information, see Home realm domains or IdP discovery.
- If you use home realm domains, the sign in button is hidden on the auth screen by default. To show the SSO button, select the Always show sign-in button option.
- Copy the Assertion Customer Service (ACS) URL and the Entity ID somewhere you can access them later. You’ll need these to set up your Cloudflare application.
- Select provisioning options.
- Add a signed certificate and key if you have it. You can also do this later.
- Select Save.
- Sign in to your Cloudflare account.
- In the menu, select Zero Trust.
- Go to Access > Applications, then select Add an application.
- Select SaaS as the type of application. The Add application window opens.
- Enter an application name or select an application.
- Choose Select SAML for the authentication protocol.
- Select Add Application. The Configure application page opens.
- Add the Entity ID and ACS URL from Kinde.
- Copy the SAML Metadata endpoint to your clipboard. You’ll need to enter this back in Kinde.
- Scroll through the other sections and then select Save configuration. The Add policies page opens.
- Add a policy to define who can access your application. You might do this via an allowlist and groups, or another strategy.
- Complete any other relevant sections of the window, and then select Done.
- In Kinde, go to Settings > Authentication.
- Select Configure on the Cloudflare connection.
- Scroll to the IdP metadata URL field and paste the Metadata URL you copied from your Cloudflare app.
- In the Applications area, switch on the applications you want to use this connection.
- Select Save. You can now use Cloudflare as an IdP for the selected applications.