cloudflare
diff --git a/‎public/__redirects‎
Lines changed: 3 additions & 0 deletions b/‎public/__redirects‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎src/content/changelog/gateway/2025-04-11-http-redirect-custom-block-page-redirect.mdx‎
Lines changed: 1 addition & 1 deletion b/‎src/content/changelog/gateway/2025-04-11-http-redirect-custom-block-page-redirect.mdx‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/enforce-mtls.mdx‎
Lines changed: 1 addition & 1 deletion b/‎src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/enforce-mtls.mdx‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations/mutual-tls-authentication.mdx‎ renamed to ‎src/content/docs/cloudflare-one/access-controls/service-credentials/mutual-tls-authentication.mdx‎ b/‎src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations/mutual-tls-authentication.mdx‎ renamed to ‎src/content/docs/cloudflare-one/access-controls/service-credentials/mutual-tls-authentication.mdx‎
diff --git a/‎src/content/docs/cloudflare-one/reusable-components/custom-pages/app-launcher-customization.mdx‎
Lines changed: 44 additions & 0 deletions b/‎src/content/docs/cloudflare-one/reusable-components/custom-pages/app-launcher-customization.mdx‎
Lines changed: 44 additions & 0 deletions
diff --git a/‎src/content/docs/cloudflare-one/traffic-policies/block-page.mdx‎ renamed to ‎src/content/docs/cloudflare-one/reusable-components/custom-pages/gateway-block-page.mdx‎
Lines changed: 1 addition & 1 deletion b/‎src/content/docs/cloudflare-one/traffic-policies/block-page.mdx‎ renamed to ‎src/content/docs/cloudflare-one/reusable-components/custom-pages/gateway-block-page.mdx‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations.mdx‎
Lines changed: 15 additions & 0 deletions b/‎src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations.mdx‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations/index.mdx‎
Lines changed: 0 additions & 14 deletions b/‎src/content/docs/cloudflare-one/reusable-components/posture-checks/access-integrations/index.mdx‎
Lines changed: 0 additions & 14 deletions
diff --git a/‎src/content/docs/cloudflare-one/reusable-components/posture-checks/index.mdx‎
Lines changed: 1 addition & 1 deletion b/‎src/content/docs/cloudflare-one/reusable-components/posture-checks/index.mdx‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/client-certificate.mdx‎
Lines changed: 1 addition & 1 deletion b/‎src/content/docs/cloudflare-one/reusable-components/posture-checks/warp-client-checks/client-certificate.mdx‎
Lines changed: 1 addition & 1 deletion
@@ -2389,6 +2389,7 @@
 /cloudflare-one/identity/users/scim/ /cloudflare-one/team-and-resources/users/scim/ 301
 /cloudflare-one/applications/login-page/ /cloudflare-one/reusable-components/custom-pages/access-login-page/ 301
 /cloudflare-one/applications/block-page/ /cloudflare-one/reusable-components/custom-pages/access-block-page/ 301
+/cloudflare-one/policies/gateway/block-page/ /cloudflare-one/reusable-components/custom-pages/gateway-block-page/ 301
 /cloudflare-one/applications/app-library/ /cloudflare-one/team-and-resources/app-library/ 301
 /cloudflare-one/applications/bookmarks/ /cloudflare-one/access-controls/applications/bookmarks/ 301
 /cloudflare-one/applications/app-launcher/ /cloudflare-one/access-controls/access-settings/app-launcher/ 301
@@ -2399,9 +2400,11 @@
 /cloudflare-one/identity/authorization-cookie/application-token/ /cloudflare-one/access-controls/applications/http-apps/authorization-cookie/application-token/ 301
 /cloudflare-one/identity/authorization-cookie/cors/ /cloudflare-one/access-controls/applications/http-apps/authorization-cookie/cors/ 301
 /cloudflare-one/identity/service-tokens/ /cloudflare-one/access-controls/service-credentials/service-tokens/ 301
+/cloudflare-one/identity/mutual-tls-authentication/ /cloudflare-one/access-controls/service-credentials/mutual-tls-authentication/ 301
 /cloudflare-one/applications/configure-apps/mcp-servers/mcp-portals/ /cloudflare-one/access-controls/ai-controls/mcp-portals/ 301
 /cloudflare-one/applications/configure-apps/mcp-servers/saas-mcp/ /cloudflare-one/access-controls/ai-controls/saas-mcp/ 031
 /cloudflare-one/applications/configure-apps/mcp-servers/linked-apps/ /cloudflare-one/access-controls/ai-controls/linked-apps/ 301
+/cloudflare-one/identity/devices/access-integrations/tanium/ /cloudflare-one/reusable-components/posture-checks/warp-client-checks/tanium/ 301
 /cloudflare-one/connections/connect-devices/* /cloudflare-one/team-and-resources/devices/:splat 301
 /cloudflare-one/connections/connect-networks/* /cloudflare-one/networks/connectors/cloudflare-tunnel/:splat 301
 /cloudflare-one/policies/gateway/* /cloudflare-one/traffic-policies/:splat 301
 
@@ -12,4 +12,4 @@ You can now use more flexible redirect capabilities in Cloudflare One with Gatew
 - A new **Redirect** action is available in the HTTP policy builder, allowing admins to redirect users to any URL when their request matches a policy. You can choose to preserve the original URL and query string, and optionally include policy context via query parameters.
 - For **Block** actions, admins can now configure a custom URL to display when access is denied. This block page redirect is set at the account level and can be overridden in DNS or HTTP policies. Policy context can also be passed along in the URL.
 
-Learn more in our documentation for [HTTP Redirect](/cloudflare-one/traffic-policies/http-policies/#redirect) and [Block page redirect](/cloudflare-one/traffic-policies/block-page/#redirect-to-a-block-page).
+Learn more in our documentation for [HTTP Redirect](/cloudflare-one/traffic-policies/http-policies/#redirect) and [Block page redirect](/cloudflare-one/reusable-components/custom-pages/gateway-block-page/#redirect-to-a-block-page).
@@ -24,7 +24,7 @@ However, if you want to update the Minimum TLS settings for all wildcard hostnam
 
 ## Enable mTLS
 
-Once you have [added a custom hostname](/cloudflare-for-platforms/cloudflare-for-saas/start/getting-started/), you can enable mTLS by using Cloudflare Access. Go to [Cloudflare Zero Trust](https://one.dash.cloudflare.com/) and [add mTLS authentication](/cloudflare-one/reusable-components/posture-checks/access-integrations/mutual-tls-authentication/) with a few clicks.
+Once you have [added a custom hostname](/cloudflare-for-platforms/cloudflare-for-saas/start/getting-started/), you can enable mTLS by using Cloudflare Access. Go to [Cloudflare Zero Trust](https://one.dash.cloudflare.com/) and [add mTLS authentication](/cloudflare-one/access-controls/service-credentials/mutual-tls-authentication/) with a few clicks.
 
 :::note
 Currently, you cannot add mTLS policies for custom hostnames using [API Shield](/api-shield/security/mtls/).
 
@@ -0,0 +1,44 @@
+---
+pcx_content_type: how-to
+title: App Launcher customization
+sidebar:
+  order: 2
+---
+
+import { Render } from "~/components";
+
+:::note
+
+Only available on Pay-as-you-go and Enterprise plans.
+:::
+
+You can display your own branding, messages, and links to users when they open the [Access App Launcher](/cloudflare-one/access-controls/access-settings/app-launcher/).
+
+To customize the App Launcher appearance:
+
+1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Custom Pages**.
+2. Find the **Customize App Launcher** setting and select **Customize**.
+3. Give the App Launcher the look and feel of your organization by adding:
+   - Your organization's name
+   - A logo
+   - A preferred background color for the header
+   - A preferred background color for the page
+   - A custom footer with links to your organization's help desk or other internal resources.
+
+:::note
+
+We recommend lighter background colors because the font defaults to black.
+:::
+
+4. Next, customize the landing page that users will see when they login to the App Launcher. Available properties include:
+   - A custom title
+   - A custom subtitle
+   - An image
+   - A preferred color for the **Log in** button
+   - A preferred color for the **Log in** button text
+
+   All of the properties configured in Step 3 will also apply to the landing page.
+
+5. Once you are satisfied with your customization, select **Save**.
+
+The App Launcher screens are now updated. To view your changes, select **Preview**.
@@ -2,7 +2,7 @@
 pcx_content_type: how-to
 title: Block page
 sidebar:
-  order: 14
+  order: 1
 ---
 
 import { Render, Tabs, TabItem } from "~/components";
 
@@ -0,0 +1,15 @@
+---
+pcx_content_type: navigation
+title: Access integrations
+sidebar:
+  order: 4
+---
+
+The following device posture checks do not require the WARP client and can only be used in [Cloudflare Access policies](/cloudflare-one/access-controls/policies/). They cannot be used in Gateway network policies.
+
+## Supported operating systems
+
+| Device posture check                                                                            | macOS | Windows | Linux | iOS | Android/ChromeOS |
+| ----------------------------------------------------------------------------------------------- | ----- | ------- | ----- | --- |---------------------------------------------------------------------------------------- |
+| [Microsoft Entra ID Conditional Access](/cloudflare-one/tutorials/entra-id-conditional-access/) | ✅    | ✅      | ❌    | ❌  | ❌               |
+| [Mutual TLS](/cloudflare-one/access-controls/service-credentials/mutual-tls-authentication/)   | ✅    | ✅      | ✅    | ✅  | ✅               |
@@ -32,7 +32,7 @@ You can now use your device posture check in an [Access policy](/cloudflare-one/
 
 :::caution[Gateway policy limitation]
 
-Gateway does not support device posture checks for the [Tanium Access integration](/cloudflare-one/reusable-components/posture-checks/access-integrations/tanium/).
+Gateway does not support device posture checks for the [Tanium Access integration](/cloudflare-one/reusable-components/posture-checks/warp-client-checks/tanium/).
 :::
 
 ## 4. Ensure traffic is going through WARP
 
@@ -44,7 +44,7 @@ The Client Certificate device posture attribute checks if the device has a valid
 
 :::note
 
-To generate a sample root CA for testing, refer to [Generate mTLS certificates](/cloudflare-one/reusable-components/posture-checks/access-integrations/mutual-tls-authentication/#generate-mtls-certificates).
+To generate a sample root CA for testing, refer to [Generate mTLS certificates](/cloudflare-one/access-controls/service-credentials/mutual-tls-authentication/#generate-mtls-certificates).
 :::
 
 ## Configure the client certificate check