一般情况下,启用Access Policy能够控制abc.pages.dev的域名的请求访问,在浏览器进行访问时会需要指定的邮箱验证。
但是,想把它应用到自定义的域名上,就需要在Zero Trust里面进行配置。这个步骤需要绑卡。
我们可以想办法绕过它。
在访问路径后添加/add
通过API进行修改
具体详见官方API文档
这里讲一下思路,先列出所有app list,然后再参照返回的内容以及官方文档进行修改。
如果仅仅想修改一下访问策略,比如管理有效邮箱,也可以先列出该app的所有policy,然后再参照返回的内容以及文档进行修改。
GET https://api.cloudflare.com/client/v4/accounts/{account id}/access/apps
{
"result": [
{
"id": "app的id",
"uid": "app的id",
"type": "self_hosted",
"name": "app的名称",
"aud": "xxxxxxxx",
"created_at": "2024-10-03T14:39:34Z",
"updated_at": "2024-10-03T14:39:34Z",
"domain": "受控域名",
"domain_type": "public",
"self_hosted_domains": [
"受控域名",
"*.xxx.pages.dev"
],
"app_launcher_visible": true,
"allowed_idps": [
"xxxx"
],
"tags": [],
"auto_redirect_to_identity": false,
"policies": [
{
"created_at": "2024-10-03T14:39:34Z",
"decision": "allow",
"exclude": [],
"id": "policy 的id",
"include": [
{
"email": {
"email": "允许登录的邮箱"
}
}
],
"name": "Allow",
"require": [],
"uid": xxxxxx",
"updated_at": "2024-10-03T14:39:34Z",
"reusable": false,
"precedence": 1
}
],
"custom_deny_message": "No auth",
"session_duration": "168h",
"enable_binding_cookie": true,
"http_only_cookie_attribute": true,
"same_site_cookie_attribute": "lax",
"options_preflight_bypass": false
},
... 省略
],
"success": true,
"errors": [],
"messages": [],
"result_info": {
"page": 1,
"per_page": 1000,
"count": 2,
"total_count": 2,
"total_pages": 1
}
}