2FA with Cloudflare access - Trigger stop working

marco.fucito · August 2, 2021, 1:02am

Hi,

I set Cloudflare access / for teams to secure n8n as a self-hosted application.
I set github as the authentication method and my email as the only one allowed for access.
I now have 2FA in login.

However all external integrations stopped working (telegram trigger, typeform trigger etc)

How can I go about securing only the n8n login page without blocking external triggers?
Or more generally, how should I configure access to not block external triggers like Telegram or Typeform?

@RedPacketSec I tagged you because you talked about Cloudlfare Access / for Teams in another thread and I opened another one so as not to go off topic on that one.

Thanks

RedPacketSec · August 2, 2021, 5:02am

Did you set the webhooks correctly?

To point to your cloudflare sub domain?

I’m using a docker of n8n do had to set an extra env variable to set the domain

jan · August 2, 2021, 5:19am

Yes, as mentioned by @RedPacketSec do you have to look at the Webhook-Endpoints.
You have to exclude /webhook and /webhook-test and so allow everybody to access those without being authenticated.

RedPacketSec · August 2, 2021, 6:01am

For me, i have restricted access (in Cloudflare teams) as to who can access the webhooks.

For example, I have restricted the telegram webhook so that only the official IP telegram ranges can access it.

harshil1712 · August 12, 2021, 9:22am

Hey @marco.fucito,

Did you get it working? If yes, can you share the solution so that others can benefit from it