Cloudflare Zero Trust Login Method

[stuart-elliott-70]

I'm trying to enable VoidAuth as an OIDC endpoint for Cloudflare Zero Trust, I can get it to request the VoidAuth login page, I can successfully authenticate that, but the callback to Cloudflare fails.

I have set up the OIDC client settings in VA as follows:
Client ID* = Random_Name
Not specified user group, so all access
Client Secret = MySecurePassword
Redirect Url = https://my_team_name.cloudflareaccess.com/cdn-cgi/access/callback
Application Type = web
Token Endpoint Auth Method = c_s_post (have tried all three)
Response Types = code (have also tried combinations of all three types)
Grant Types = authorization_code, refresh_token

in Cloudflare, it's as per the image below:

In my opinion, the reason it's failing is due to the lack of Certificate URL on the Cloudflare side, but I can't be sure.

Hopefully someone else smarter than I can see a solution.
Thanks,
-Stuart

[stuart-elliott-70]

[stuart-elliott-70]

I've tried https://voidauth.mydomain.com/oidc/.well-known/openid-configuration as the certificate URL in case it was that, but no.

[stuart-elliott-70]

Never mind, got it working.. It WAS the certificate url that was the issue, I managed to find the jwks_uri in the openid-configuration, which was : https://voidauth.mydomain.com/oidc/jwks

It now authenticates..

Thank you for listening to my Ted Talk.

[notquitenothing]

Hey nice work! Glad you got it figured out 👍