Domain Security Info
Users
Updated May 1, 2026, 8:34 AM
Users#
The admin interface tracks who has access and what they do. User accounts are created automatically the first time someone logs in through Cloudflare Access โ there is no manual account creation process.
How user accounts work#
When someone authenticates through Cloudflare Access and visits the admin interface for the first time, the system automatically creates a user record. The user's email, name, and authentication details come from the Cloudflare Access token.
Administrators do not need to create accounts ahead of time. Access is controlled by Cloudflare Access policies โ if someone can pass Cloudflare Access authentication, the system creates their account on first login.
Viewing users#
- Go to Users under System in the navigation.
- You'll see a table of all users who have accessed the admin interface.
The table shows:
| Column | What it shows |
|---|---|
| The user's email address from Cloudflare Access. | |
| Name | The user's display name. |
| Role | The user's permission level. |
| First login | When the user first accessed the admin interface. |
| Last login | When the user most recently logged in. |
Viewing a user's activity#
Click View Activity next to a user to see their audit log entries. This shows every action that user has taken in the admin interface, including what they created, edited, or deleted, and when.
User roles#
The system supports four roles:
| Role | What it allows |
|---|---|
| Super admin | Full access to everything, including user management and system configuration. |
| Admin | Full access to data management (brands, tags, domains, prefixes) and analytics. |
| Editor | Can create and edit data but cannot delete items or access system settings. |
| Viewer | Read-only access. Can view all data but cannot make changes. |
How authentication works#
Authentication is handled entirely by Cloudflare Access. The admin interface does not have its own login system. When someone visits the admin URL:
- Cloudflare Access intercepts the request and requires authentication.
- The user logs in through the configured identity provider (such as a corporate SSO or email-based authentication).
- Cloudflare Access issues a signed JWT (JSON Web Token) that the admin interface validates.
- The system reads the user's identity from the token and creates or updates their user record.
If someone does not have a valid Cloudflare Access token, they receive a 403 Forbidden response and cannot access the admin interface.
Session tracking#
Each time a user accesses the admin interface, the system records a session. Sessions track:
- When the session started and when the user was last active.
- The user's IP address and approximate location (from Cloudflare headers).
- The browser or client used.
- How the user authenticated (SAML, OIDC, or service token).
Session data helps administrators understand access patterns and investigate security concerns.