Skip to content
  • Integrations
  • Third-party tools

Kinde as identity provider with Cloudflare Zero Trust

If you use Cloudflare to manage authentication across your systems, you can use Kinde as an third-party identity provider.

This topic explains how to set up Cloudflare Zero Trust to use Kinde as an auth identity provider through OpenID Connect.

You need to already have a backend web application set up in Kinde to follow this procedure.

Get your Cloudflare team domain

Link to this section
  1. Sign into Cloudflare and navigate to Zero Trust.
  2. Go to Settings > Custom Pages.
  1. Copy your Team domain.

Set up your Kinde app

Link to this section
  1. In Kinde, go to Settings > Applications.

  2. Select View details on the relevant backend/web application.

  3. Copy the Client ID and Client secret and add them somewhere you can access later.

  4. Scroll to the Callback URLs section and enter the Zero Trust Team domain in the Allowed callback URLs field. (Copied in the procedure above)

    In this example, we would paste: mirosaurus.cloudflareaccess.com/cdn-cgi/access/callback

  5. Select Save.

Get your OpenID config info

Link to this section
  1. In your browser, go to the OpenID configuration URL of your Kinde business. This will be https://<your_kinde_subdomain>.kinde.com/.well-known/openid-configuration

    Our example shows details for mirosaurus.kinde.com/.well-known/openid-configuration

  1. Copy the following information somewhere you can access it later.
    • jwks_uri - e.g. https://mirosaurus.kinde.com/.well-known/jwks
    • token_endpoint - e.g. https://mirosaurus.kinde.com/oauth2/token
    • authorization_endpoint - e.g. https://mirosaurus.kinde.com/oauth2/auth

Add Kinde as a provider in Cloudflare Zero Trust

Link to this section
  1. Back in the Cloudflare Zero Trust dashboard, go to Settings > Authentication.
  1. In the Login methods section, select Add new. The Add a login method screen opens.
  2. Select OpenID Connect as the identity provider.
  1. Follow the page guide and enter the following details:
    • Name - Whatever you want
    • App ID - this is the Client ID you copied from your Kinde app
    • Client Secret - this is the Client secret you copied from your Kinde app
    • Auth URL - the authorization_endpoint copied in the previous procedure
    • Token URL - the token_endpoint copied in the previous procedure
    • Certificate URL - the jwks_uri copied in the previous procedure
  1. Select Save.

Enable Cloudflare to use Kinde as an auth provider

Link to this section
  1. In the Zero Trust dashboard, go to Access > Applications.
  2. In the Authentication tab, select the newly created Open ID Connect method.
  1. Select Save application. When an authentication event is triggered, Cloudflare will offload to Kinde to complete the authentication.