Skip to main content

Cloudflare OIDC

Step-by-step instructions for setting up Cloudflare OIDC authentication with Modjo.

Updated over 2 weeks ago

This article provides detailed instructions to help you set up Cloudflare OIDC authentication with Modjo.

By following this guide, you will learn how to:

• Configure an OIDC application in your Cloudflare Zero Trust Console, with the correct redirect URIs and scopes.

• Implement the authentication flow within your Modjo instance.

• Enable secure single sign-on (SSO) for your sales teams, while ensuring proper access control.

🚨 Important Notes

  • When Cloudflare SSO is enabled in Modjo, Google SSO and Microsoft SSO options are automatically disabled.

  • Users must be created in Modjo with the exact same email address used in your Cloudflare organization.

Setup Instructions

Step 1: Configure your application in Cloudflare

  • Log in to your Cloudflare Admin account. (https://dash.cloudflare.com/)

  • Click on "Zero Trust" in the left sidebar.

  • Click on "Access", then "Applications"

  • If it's your first application, you're already on the create application funnel. If it's not, click on "Add an application".

  • Select "SaaS" application.

  • Input "Modjo" as the Application name and select "OIDC" for the authentication protocol.

  • Click on "Add application".

  • Configure

    • Scopes: openid, email, profile.

    • Redirect URLs: https://app.modjo.ai/sso/cloudflare_sso

  • Below, copy the Client secret, Client ID. They will be used on Modjo later.

  • Setup the policies for the application.

    • Define who can access your applications. Add from your existing policies or create new ones.

  • Configure the "Login Methods"

    • Select the methods for which you allow your users to log-in with.

  • Click "Next" at the bottom of the page.

  • Configure the experience settings as needed.

  • Click "Save" at the bottom of the page.

  • Your OIDC custom Cloudflare app is now created.

Step 2: Configure Cloudflare OIDC in Modjo

  • First, find your Cloudflare Team name.

    • The Team name can be found in the settings of Cloudflare Zero Trust dashboard.

    • Click on "Custom Pages"

    • The team name is the prefix of the domain cloudflareaccess.com.

      • In our exemple, the team name is modjo.

  • Now, log in to Modjo.

  • Go to Settings in the left-hand menu, then select Integrations.

  • Open the SSO tab and select Cloudflare.

  • Click on Connect

  • Paste the Client ID, Client Secret, and Team Name into the relevant fields.

  • Click on Save.

Cloudflare SSO is now enabled for your Modjo instance.

Usage: Logging in with Cloudflare SSO

  • On the Modjo login page, click Sign in with SSO.


  • You will be redirected to Cloudflare to authenticate.

  • Once authentication is successful, you will be automatically redirected back to Modjo to continue your session.

Did this answer your question?