Cloudflare Access Gets Agent-Ready

Cloudflare's Managed OAuth for Access now allows AI agents to authenticate with internal applications using standard OAuth 2.0, simplifying integration and enhancing security.

Figure: The new Managed OAuth flow allows agents to authenticate with internal apps secured by Cloudflare Access. (Image: Cloudflare)

Cloudflare is rolling out Managed OAuth for Access, a new feature designed to bridge the gap between human users and AI agents accessing internal applications. Previously, applications secured by Cloudflare Access presented a login page that agents could not navigate, effectively blocking their access.

This new capability, now in open beta, allows any OAuth 2.0-compliant agent to authenticate with internal apps. Cloudflare Access acts as the authorization server and guides agents through a standardized OAuth flow. The flow consists of dynamic client registration followed by a PKCE authorization flow, and ends with the agent holding a token it can use to make authenticated requests on behalf of the user.

Making Internal Apps Agent-Ready

Cloudflare has thousands of internal applications, ranging from critical business tools to prototypes. Securing these with Cloudflare Access worked well for human users, but posed a challenge for automated agents. The company previously implemented a workaround using the cloudflared CLI to fetch JWTs for agents.


Managed OAuth eliminates the need for such workarounds. A single click within the Access application settings enables this functionality. Agents can then discover the authorization endpoint at /.well-known/oauth-authorization-server on the app's domain.

This lets agents securely access data and functionality within internal applications, in line with the growing trend of AI agents performing tasks within enterprise environments. It is particularly relevant for applications that may not have readily available APIs or CLIs.

Beyond Code: Broadening Agent Access

The implications extend beyond code generation agents. For instance, an internal wiki protected by Access can become agent-accessible by enabling Markdown for Agents and Managed OAuth. This allows agents to read protected content without requiring custom integrations.

Cloudflare emphasizes that this approach avoids the security pitfalls of service accounts and static credentials. By using OAuth, agent actions remain attributable to the human user, preventing issues like the confused deputy problem and ensuring clearer audit trails.

Standards-Based Integration

The feature relies heavily on OAuth 2.0 standards, particularly RFC 9728, which standardizes how agents discover authentication mechanisms. This RFC, official since April 2025, is also adopted by the Model Context Protocol (MCP).

Agents equipped with a 'web fetch' tool can now leverage this standard. If an agent encounters a 401 or 403 response with a WWW-Authenticate header, it can initiate the OAuth flow, prompting the user for consent to authenticate.

Future Identity Management

Cloudflare is also working on enabling shared identity providers across multiple Cloudflare accounts within an organization. This aims to ensure consistent authentication policies, preventing scenarios where one account might have weaker security settings than another.

This enhancement will simplify identity management for organizations with numerous Cloudflare accounts, allowing a single primary Identity Provider (IdP) to govern access across all accounts.

Managed OAuth is now available in open beta for all Cloudflare customers. The company plans further integrations between Cloudflare Access and Cloudflare Workers, alongside new developer tools like wrangler dev --tunnel and a unified CLI for Cloudflare APIs.

© 2026 StartupHub.ai. All rights reserved. Do not enter, scrape, copy, reproduce, or republish this article in whole or in part. Use as input to AI training, fine-tuning, retrieval-augmented generation, or any machine-learning system is prohibited without written license. Substantially-similar derivative works will be pursued to the fullest extent of applicable copyright, database, and computer-misuse laws. See our terms.