kennyj42

This commit delivers a significant **documentation update** for **Cloudflare One Access controls**, specifically enhancing the guide for **linking self-hosted applications** and MCP servers using OAuth. It revises the `linked-apps.mdx` file to prioritize **UI (Dashboard) instructions** for configuring self-hosted OAuth, while also integrating **API instructions** within a new tabbed interface for comprehensive guidance. This change improves the clarity and usability of the documentation, making it easier for users to configure **Cloudflare Access** for their applications. The update also includes reordered steps and an updated "Selectors" table to provide more accurate and user-friendly instructions.

This commit **improves the documentation** for the **Cloudflare One Okta identity provider integration**, specifically within the `okta.mdx` guide. It **corrects the team domain format** instructions and provides **clarifications** for entering the Client ID, Client secret, and Okta Account URL. This **documentation maintenance** ensures users have more accurate and detailed guidance, reducing potential configuration errors during the Okta integration setup.

This commit **enhances the documentation** for **Cloudflare One Access Controls**, specifically within the `mcp-portals.mdx` guide. It introduces a new **troubleshooting section** to help users diagnose and resolve common issues related to **portal authentication** and server availability. This **documentation update** aims to improve the user experience by providing clear solutions for frequently encountered problems when configuring or using MCP portals.

This commit **updates the Okta integration documentation** by **removing specific steps** related to configuring the `Groups` claim filter within Okta. This **documentation maintenance** simplifies the setup process for users, ensuring the integration guide reflects current best practices or requirements for the **Okta authentication subsystem**. The change primarily affects the **user onboarding experience** for Okta integrations by streamlining the configuration instructions.

This commit **enhances the documentation** for user seat management by adding crucial information about **SCIM deprovisioning**. It details the option for **automated user removal** through SCIM integration, specifically within the `Cloudflare One` team and resources section. This update also **fixes a hyperlink** in the `src/content/docs/cloudflare-one/team-and-resources/users/seat-management.mdx` file, ensuring accurate guidance for users. The work improves clarity for administrators managing team resources and **automating user lifecycle** processes.

This commit **updates the documentation** for **Cloudflare One's Okta integration** to clarify a specific limitation regarding group synchronization. It adds a note to the `src/content/docs/cloudflare-one/integrations/identity-providers/okta.mdx` file, explicitly stating that the **Okta App Catalog template** does not support synchronizing Active Directory groups. This **documentation update** provides crucial information for users configuring Okta as an identity provider, preventing potential confusion or misconfigurations related to AD group management. The change improves the clarity and accuracy of the **identity provider integration guides**, ensuring users have a better understanding of the system's capabilities.

This commit **updates the documentation** for **Cloudflare One Access Controls**, specifically for **self-hosted private applications** configured as non-HTTP. It **removes the explicit port 443 restriction** for private hostnames, clarifying that other ports can be used for these applications. The update also provides crucial details on **SNI requirements** and **CGNAT IP ranges** within the `non-http/self-hosted-private-app.mdx` guide. This **documentation improvement** enhances user understanding of flexible port configurations and ensures accurate setup for a wider range of self-hosted applications.

This commit **updates the changelog** for **Cloudflare Access**, documenting a significant **new capability** for its **private hostname applications**. It announces that these applications now **support all ports and protocols**, providing users with greater flexibility and **enhanced security controls** for their network configurations. This **documentation update** ensures that users are informed about the expanded configuration options available within the Access platform. The change is recorded in `src/content/changelog/access/2025-10-28-Access-Application-Support-For-All-Ports-And-Protocols.mdx`.

This commit **updates the documentation** for **Cloudflare One's MCP Portal** feature, providing essential guidance for client configurations. It specifically adds recommended settings for **MCP Portal** clients and detailed instructions within `mcp-portals.mdx` on how to force **MCP Client reauthentication** and manage OAuth sessions. This **documentation enhancement** improves user understanding and streamlines the setup and maintenance process for clients interacting with MCP Servers.

This commit **updates the Cloudflare One documentation** to enhance guidance for configuring **self-hosted private applications**. It specifically adds a call-out in `self-hosted-private-app.mdx` to explain how to route applications that are behind a **public IP or hostname**. This **documentation update** clarifies configuration steps for **Cloudflare Access**, improving the user experience by addressing specific routing scenarios. Additionally, it refines content by removing a private IP note from a partial that was not relevant in the clientless access learning path.

This commit provides a **documentation fix** by correcting a critical typo within the **Dashboard SSO** configuration guide. Specifically, it updates the required TXT record prefix from `cloudflared_dashboard_sso=` to the correct `cloudflare_dashboard_sso=` in the `src/content/docs/fundamentals/manage-members/dashboard-sso.mdx` file. This **maintenance update** ensures that users accurately configure their Single Sign-On settings, preventing potential misconfigurations and improving the clarity of the **authentication setup process**.

This commit **updates the Cloudflare One documentation** for **SaaS MCP server configuration**, specifically within the **Workers AI Playground instructions**. It **corrects the endpoint URL** used for integration, changing it from `/sse` to `/mcp`. This **documentation maintenance** ensures users are provided with the accurate and current endpoint for connecting their applications, preventing potential configuration issues when setting up **SaaS MCP integrations**.

This commit introduces **new documentation** by adding a **changelog entry** for **MCP Server Portals** in `src/content/changelog/access/2025-08-26-mcp-server-portals.mdx`. This **maintenance** work details the features and benefits of this new capability within the **Access** module. The update ensures users have an official record and clear understanding of the **MCP Server Portals** feature, enhancing discoverability and user comprehension of this important functionality.

This commit introduces a **documentation update** by adding a new entry to the **Access changelog** at `src/content/changelog/access/2025-08-26-access-mcp-oauth.mdx`. It announces the **new capability** of **MCP OAuth support for Access self-hosted applications**, providing users with an additional, modern authentication method. This update ensures that users of **Access** are informed about the expanded integration options available for their self-hosted deployments.

This commit **adds a new changelog entry** to the **Cloudflare Access** documentation, specifically located at `src/content/changelog/access/2025-07-01-Access-Supports-Customer-Metadata-Boundary.mdx`. This **documentation update** announces that **Cloudflare Access logs now support the Customer Metadata Boundary (CMB)**. The change informs users about an important enhancement to the Access logging feature, ensuring they are aware of new data handling capabilities.

This commit **updates documentation** to accurately reflect recent changes and clarifications regarding **Customer Metadata Boundary** support. Specifically, the `compatibility.mdx` file for the **Access** service now details its support for customer metadata boundaries and clarifies handling of **Access User Logs for EU customers**. Additionally, the `logpush-datasets.mdx` file has been updated to indicate full Customer Metadata Boundary support for **Access Requests** within the **Logpush** service. This **documentation update** ensures users have current and precise information on data localization capabilities and metadata handling for these critical services.

This commit provides a **documentation update** to the **Cloudflare One tutorial on Entra ID Conditional Access**. It adds a crucial note to the `src/content/docs/cloudflare-one/tutorials/entra-id-conditional-access.mdx` file, clarifying a specific permission requirement. The update emphasizes that users must select **'Application permissions'** for `Policy.Read.ConditionalAccess`, as delegated permissions will not work. This **clarification** is a **maintenance** task that enhances the accuracy and usability of the **Cloudflare One documentation**, helping users avoid common configuration errors when integrating Entra ID.

This commit provides a **documentation update** to the **Gateway changelog entry** for `2025-04-28-FDQN-Filtering-Egress-Policies.mdx`. It **adds an image** that visually illustrates the concept of Egress by FQDN and Hostname, including necessary format adjustments to ensure proper display. This **enhancement to the changelog content** aims to improve user understanding of the described **FDQN Filtering Egress Policies** feature.

This commit delivers a crucial **documentation update** to the **Cloudflare One identity provider integration guide**, specifically for **PingFederate SAML**. It adds essential instructions to the `src/content/docs/cloudflare-one/identity/idp-integration/pingfederate-saml.mdx` file, detailing how to ensure a `<KeyInfo>` certificate is included as part of the SAML response. This **maintenance** change addresses a critical configuration issue discovered during a customer Proof of Concept, which previously hindered successful integrations. By clarifying the requirement to send the certificate within the SAML signature `KEYINFO` element, this update significantly improves the reliability and ease of **PingFederate SAML integrations**.

This commit **updates the documentation** for **Cloudflare One's short-lived certificates**, specifically within the `short-lived-certificates-legacy.mdx` file. It **adds crucial information** on how to **configure SSH for browser-based terminals**, detailing the process for certificate-based authentication. This **documentation improvement** enhances user guidance, making it easier for administrators to set up and utilize this security feature effectively. The update clarifies the steps required for integrating SSH with the legacy short-lived certificate system, improving the overall user experience for secure access.