Skip to content

Require WARP

Cloudflare Zero Trust enables you to restrict access to your applications to devices running the Cloudflare WARP client. This allows you to flexibly ensure that a user’s traffic is secure and encrypted before allowing access to a resource protected behind Cloudflare Zero Trust.

Prerequisites

  • Cloudflare WARP client is deployed on the device. For a list of supported modes and operating systems, refer to WARP Client Checks.

1. Enable the WARP check

  1. In Zero Trust, go to Settings > Network.
  2. Ensure that Proxy is enabled.
  3. Next, go to Settings > WARP Client.
  4. Scroll down to WARP client checks and select Add new.
  5. Select WARP.

You are now ready to start requiring WARP for your Access applications.

2. Add the check to an Access policy

  1. In Zero Trust, go to Access > Applications.

  2. Locate the application for which you want to require WARP.

  3. Select Edit.

  4. To have an existing policy require WARP, select Edit for that specific policy. Then, add an Include or Require rule which uses the WARP selector.

  5. Select Save rule.

Before granting access to the application, your policy will now check that the device is running the WARP client.