I’ve been operating Home Assistant for some time now, utilizing a Cloudflare tunnel for remote access.
To bolster security measures, I’m interested in configuring a Cloudflare application, as it offers more protection than the current geofencing method I’m employing. While this setup functions effectively when accessing Home Assistant through a web browser, it encounters issues with the app.
It appears that the redirection from the Home Assistant front page to the Cloudflare application and subsequent redirection back to the Home Assistant front page after successful authentication is not supported by the app. Consequently, each attempt to access the app redirects me to the Cloudflare access page with the message: “Invalid login session. Please try going to the URL of your application.”
Does anyone know if there is a workaround for this issue?
EDIT: Seems to be a known issue for long, one without an easy solution. I’m instead going to try to use mTLS client certificate installed on mobile device to bypass otherwise Cloudflare configured authentifcation mecanism.
Seems I don’t get email notifications from this forum.
mTLS Cert was not that difficult to implement. There is in fact a few blog posts I found online that explain that. Unfortunately, I don’t remember which one I used. Maybe that one: Protecting Home Assistant with Cloudflare Access and mTLS on Android