Meveto can be configured to act as identity provider for your organization’s Cloudflare Teams. You can set up Meveto with another Cloudflare product, called “Access”, which can be used to manage your organization’s team, and other applications through Cloudflare. You must first setup Cloudflare Access for your organization, before you can integrate Meveto. If you haven’t done this already, read their documentation on how to do this. After you are done, login to your Cloudflare account as an admin, and follow these steps.
Remember that, at the moment, Cloudflare only supports SP-initiated single sign on flow, which means that you will not be able to login to your Cloudflare applications from your Meveto dashboard. Instead, you will have to go to your organization’s Cloudflare URL first, and start the login process from there.
Go to “Teams”
Next, go to the “Authentication” tab, and click “Add” on the login methods panel.
Next, choose SAML as the identity provider type.
Enter details of the identity provider. For Meveto, use the following values, and don’t click the “Save” button yet. Wait for the next step.
Name:
Meveto
or whatever you want.
Single Sign on URL
https://dashboard.meveto.com/saml/sso
Idp Entity ID or Issuer URL
https://meveto.com
Signing certificate
Download Meveto’s public certificateExpand the Optional configurations. Make sure the “Sign SAML authentication request” is turned off, and the “Email attribute name” is “email”.
This completes the configuration process, and you are now ready to test it. But before you test your new SAML SSO configuration, you need to complete Cloudflare integration at your Meveto dashboard. Once you have done that, you can then click the “Test” link, to test that your SSO works.
The above steps conclude what you need to do at Cloudflare, next it’s time to configure your Meveto account. Login to your Meveto dashboard, and click the “Add Single Sign-On Identity” button. On the next page, choose “Cloudflare Access” as a service provider. Meveto will ask you for your Cloudflare organization’s domain. You can get this domain name from your Cloudflare auth domain address. You have set up this auth domain when you set up Cloudflare Access. This address is of the following format:
https://your-domain.cloudflareaccess.com
For example, if your auth domain is https://meveto.cloudflareaccess.com, then Meveto would be your domain name, required by Meveto.
That’s it. You are all set to use Meveto as your identity provider for your Cloudflare organization.