Gateway - OIDC Claims filtering now available in Gateway Firewall, Resolver, and Egress policies
3mo ago
Source
CloudflareGateway - OIDC Claims filtering now available in Gateway Firewall, Resolver, and Egress policiescloudflare.comCloudflare Gateway now supports OIDC Claims as a selector in Firewall, Resolver, and Egress policies. Administrators can use custom OIDC claims from their identity provider to build fine-grained, identity-based traffic policies across all Gateway policy types. With this update, you can: Filter traffic in DNS , HTTP , and Network firewall policies based on OIDC claim values. Apply custom resolver policies to route DNS queries to specific resolvers depending on a user's OIDC claims. Control egress policies to assign dedicated egress IPs based on OIDC claim attributes. For example, you can create a policy that routes traffic differently for users with department=engineering in their OIDC claims, or restrict access to certain destinations based on a user's role claim. To get started, configure custom OIDC claims on your identity provider and use the OIDC Claims selector in the Gateway policy builder. For more information, refer to Identity-based policies .

Comments
Sign in to join the conversation.
No comments yet. Be the first.