Cloudflare Docs
Cloudflare Zero Trust
Visit Cloudflare Zero Trust on GitHub
Set theme to dark (⇧+D)

Require WARP

Feature availability
Operating Systems WARP mode required Zero Trust plans
All systems WARP with Gateway All plans

Cloudflare Zero Trust enables you to restrict access to your applications to devices running the Cloudflare WARP client. This allows you to flexibly ensure that a user’s traffic is secure and encrypted before allowing access to a resource protected behind Cloudflare Zero Trust.

​​ 1. Enable the WARP check

  1. In Zero Trust, go to Settings > Network.
  2. Ensure that Proxy is enabled.
  3. Next, go to Settings > WARP Client.
  4. Scroll down to WARP client checks and select Add new.
  5. Select WARP.

You are now ready to start requiring WARP for your Access applications.

​​ 2. Add the check to an Access policy

  1. In Zero Trust, go to Access > Applications.

  2. Locate the application for which you want to require WARP.

  3. Select Edit.

  4. To have an existing policy require WARP, select Edit for that specific policy. Then, add an Include or Require rule which uses the WARP selector.

  5. Select Save rule.

Before granting access to the application, your policy will now check that the device is running the WARP client.