How to bypass Cloudflare Tunnel one time PIN authentication

[patkoproperty]

I have an issue though once I set up authentication on my Cloudflare tunnel Eg One time PIN, the app will not work.

I check ur GitHub and the solution seemed to be using "Custom Header with API requests" (https://github.com/paulgessinger/swift-paperless/issues/11)

But I am not sure how to set it up in the Extra Headers.

I tried setting up two headers CF-Access-Client-Id: xxxx CF-Access-Client-Secret: xxxx

But still does not work.

Any advice on how to set up the app to work even with One Time Pin authentication

[zaromarco]

I was wondering also if the server is behind nginx+authelia for 2fa if the app works but I don't think so...any solution appreciated

[paulgessinger]

@patkoproperty I personally don't use CloudFlare tunnel, so I don't know exactly what the problem might be. Someone over on the discussion on the paperless-ngx repository, someone asked about this, and they seem to have gotten it working: https://github.com/paperless-ngx/paperless-ngx/discussions/3283#discussioncomment-5791608. Maybe that would be a good starting point?

@zaromarco This is tricky. For Authelia, I believe people have worked around this by disabling Authelia for the /api endpoint. I'm actually setting up Authelia myself now. I created an issue for this: https://github.com/paulgessinger/swift-paperless/issues/50