This is a worker that allows you to quickly setup an external evalutation rule in Cloudflare Access. Additional information about this feature can be found in the Cloudflare Developer Docs.
- Create a new KV Namespace or use an existing one. This worker will automatically generate a signing key pair the first time it is called and it will store those keys in Workers KV.
- Update
wrangler.tomlwith the values for your account. Make sure to useKVas the binding name for your KV namespace. - Update the
externalEvaluationfunction inindex.jswith your business logic. - Run
wrangler publish - In the zero trust dashboard update your Access policy and add an
External Evaluation rule - If your worker was deployed on
example.com/*in workers then fill in theEvaluate URLbox withhttps://example.comand fill in theKeys URLwithhttps://example.com/keys
Run wrangler tail -f pretty to get basic debug logs for your worker. If you set DEBUG=true in wrangler.toml it will also output the incoming and outgoing JWTs. You can plug these into JWT.io to see what Access is sending you and what you are returning to Access.