Configure Cloudflare as Reverse Proxy
Availability varies by Auth0 plan
Your Auth0 plan or custom agreement affects the availability of this feature. To learn more, read Auth0's Pricing Page.
To set up Cloudflare as a reverse proxy using the recommended approach, a Cloudflare Enterprise Plan with the following features is required:
|Host Header Override
|Rewrite Host headers using different Cloudflare rules. To learn more, read Rewrite Host headers on Cloudflare Docs.
|Enabling the True-Client-IP Header adds the True-Client-IP header to all requests to your origin server, which includes the end user’s IP address. To learn more, read Understanding the True-Client-IP Header on Cloudflare Docs.
To configure Cloudflare as a reverse proxy, you’ll need to create a CNAME record, a Page Rule, and a Transform Rule in Cloudflare.
Configure and verify a Custom Domain with Self-Managed Certificates if you haven't already. Make note of the Origin Domain Name and cname-api-key values since you'll need these later.
In the Cloudflare dashboard for the target zone, create a CNAME record with the following settings:
Setting Value Name The custom domain name. Target The Origin Domain Name value recorded earlier. Proxy Status
Create a Page Rule scoped to all URLs under the chosen custom domain and with the following settings:
Setting Value Host Header Override The Origin Domain Name value recorded earlier. True-Client-IP
Switch to the Modify Request Header view.
Select Create Rule and provide a name of your choice.
Under When incoming requests match, select Custom filter expression and set an expression that scopes the Rule to requests associated with the chosen custom domain. For example, use an exact match on the Hostname field.
Under Modify request header, select Set static, and then set the following fields:
Field Value Header name
Value The cname-api-key value recorded earlier.
Call the Auth0 Management API Update custom domain configuration endpoint with the following payload in the body:
Was this helpful?