Cloudflare Docs
Cloudflare Zero Trust
View RSS feed
Edit this page on GitHub
Set theme to dark (⇧+D)

Changelog

Zero Trust WARP Client

Cloudflare One Agent for Android (version 1.7)

A new GA release for the Android Cloudflare One Agent is now available in the Google Play Store. This release fixes an issue where the user was not prompted to select the client certificate in the browser during Access registration.

Zero Trust WARP Client

Crowdstrike posture checks for online status

Two new Crowdstrike attributes, Last Seen and State, are now available to be used as selectors in the Crowdstrike service provider integration.

Zero Trust WARP Client

WARP client for macOS (version 2024.3.444.0)

A new GA release for the macOS WARP client is now available in the App Center. This releases fixes an issue with how the WARP client sets macOS firewall rules and addresses the TunnelVision ( CVE-2024-3661) vulnerability.

Access

Add option to bypass CORS to origin server

Access admins can defer all CORS enforcement to their origin server for specific Access applications.

CASB

Export CASB findings to CSV

You can now export all top-level CASB findings or every instance of your findings to CSV.

DLP

Optical character recognition

DLP can now detect sensitive data in jpeg, jpg, and png files. This helps companies prevent the leak of sensitive data in images, such as screenshots.

Access

Zero Trust User identity audit logs

All user identity changes via SCIM or Authentication events are logged against a user’s registry identity.

Gateway

Gateway file type control improvements

Gateway now offers a more extensive, categorized list of files to control uploads and downloads.

Access

Access for SaaS OIDC Support

Access for SaaS applications can be setup with OIDC as an authentication method. OIDC and SAML 2.0 are now both fully supported.

Access

WARP as an identity source for Access

Allow users to log in to Access applications with their WARP session identity. Users need to reauthenticate based on default session durations. WARP authentication identity must be turned on in your device enrollment permissions and can be enabled on a per application basis.

Access

Unique Entity IDs in Access for SaaS

All new Access for SaaS applications have unique Entity IDs. This allows for multiple integrations with the same SaaS provider if required. The unique Entity ID has the application audience tag appended. Existing apps are unchanged.

Access

Default relay state support in Access for SaaS

Allows Access admins to set a default relay state on Access for SaaS apps.

Access

App launcher supports tags and filters

Access admins can now tag applications and allow users to filter by those tags in the App Launcher.

Access

App launcher customization

Allow Access admins to configure the App Launcher page within Zero Trust.

Access

View active Access user identities in the dashboard and API

Access admins can now view the full contents of a user’s identity and device information for all active application sessions.

Access

Custom OIDC claims for named IdPs

Access admins can now add custom claims to the existing named IdP providers. Previously this was locked to the generic OIDC provider.

Access

Azure AD authentication contexts

Support Azure AD authentication contexts directly in Access policies.

Access

Custom block pages for Access applications

Allow Access admins to customize the block pages presented by Access to end users.