Traccar (web) accepting cloudflare cf-authenticated-user for login

David Cole 21 hours ago

Have traccar web fronted by cloudflare access. When I use this I get the cloudflare login page, then once in, I get a traccar web login. Looking for how I can get traccar to accept the cloudflare authenticated user. Anyone done this?

https://developers.cloudflare.com/cloudflare-one/access-controls/applications/http-apps/authorization-cookie/

Anton Tananaev 21 hours ago

Why do you need this instead of a normal auth?

David Cole 20 hours ago

"need" is a strong term. I do have auth for internal access. But for external access I also have cloudflare access (providing auth). And so once through cloudflare I hit the traccar auth page, I'd prefer to be accepted if a user is already authenticated....and I'd rather not expose traccar directly.

Anton Tananaev 20 hours ago

I'm just trying to understand the use case for cloudflare auth.

David Cole 19 hours ago

Just different. The same oidc provider I user in traccar, I also have in cloudflare. But rather than traccar being exposed directly, I can further restrict someone from getting to traccar if they haven;t authenticated at cloudflare first. Think it's another level of security

Anton Tananaev 19 hours ago

Well, another layer of security is what you have now, but if you just take cloudflare only, then you're back to single layer, just in a different place. And complexity is usually a negative security effect.