Single-vendor SASE simplifies security, networking, and DevOps. Announcement >

Secure Third Party Access

Give third party collaborators a first class experience, with fast and safe access to applications
Illustration of an identity with icons of identity providers

Providing application access to collaborators outside your organization — whether they’re contract workers, agencies, or partner organizations — can be a security risk and a logistical headache. Learn how Cloudflare Access makes connecting 3rd party users to workforce apps secure and simple.

Illustration of an identity with icons of identity providers

The challenge of sharing identity sources

Third Party Access - Before

If your team has an application that you need to share with partners or contractors, both parties need to agree on a source of identity. Some teams opt to solve that challenge by onboarding external users to their own identity provider. When contractors join a project, the IT department receives help desk tickets to create new user accounts in the organization directory. Contractors receive instructions on how to sign-up. They spend time creating passwords and learning the new tool, and then use those credentials to login.

Third Party Access - Before

Multi-SSO with Cloudflare Access

Third Party Access - After

Access allows you to use multiple sources of identity to grant different groups of users access to the same application. This gives you the flexibility to extend access to external users (3rd parties, contractors, vendors) without having to onboard them onto your centralized Identity Provider.

Third Party Access - After
Manage third party access confidently with Zero Trust access
Cloudflare Access delivers Zero Trust access for third party collaborators, helping you enforce least privilege across all applications without additional overhead.
3rd party access use cases

Integrate multiple identity providers

Screenshot of Cloudflare for Teams dashboard on identity providers screen.

Your contractors can bring their own existing identities from LinkedIn, GitHub, Google or other providers for seamless login. IT teams save time and resources by keeping contractors out of the corporate identity tenant. Security gains peace of mind knowing third-party users have narrowly scoped permissions.

Screenshot of Cloudflare for Teams dashboard on identity providers screen.

Time-based OTPs for authentication

Cloudflare Access login screen.

Guest users can authenticate with time-based one-time passwords based on user email addresses.

Cloudflare Access login screen.

Granular access policies

Screenshot of the Cloudflare for Teams dashboard's location configuration screen.

Adopt Zero Trust best practices by applying least privilege: Only provide your partners access to the apps they need to be successful and eliminate the unnecessary risks of granting permissions for apps they won’t even use.

Screenshot of the Cloudflare for Teams dashboard's location configuration screen.

Monitor user access and change logs

Screenshot of Cloudflare for Teams user activity logs list.

View and search real-time access logs in the dashboard or send to a third party SIEM for analysis. Full visibility across your contractor activity enables auditing and helps your organization manage its security more proactively.

Screenshot of Cloudflare for Teams user activity logs list.

Helping organizations worldwide progress towards Zero Trust

Start Now

Cloudflare for Teams - dashboard showing trends, logins, etc

Secure access to your corporate applications without a VPN. Getting started with Access takes minutes. With our free plan, your first 50 users are free.

Cloudflare for Teams - dashboard showing trends, logins, etc