Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,10 @@ Service tokens expire according to the token duration you selected when you crea

To renew the service token:

1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Service credentials** > **Service Tokens**.
1. In Cloudflare One, go to **Access controls** > **Service credentials** > **Service Tokens**.

<DashButton url="/?to=/:account/access/service-auth" zeroTrust />

2. Locate the token you want to renew.
3. To extend the token's lifetime by one year, select **Refresh**.
4. To extend the token's lifetime by more than a year:
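
Review bot: this hunk adds `<DashButton url="/?to=/:account/access/service-auth" zeroTrust />` but, unlike every other file in this change, no `import { ... DashButton } from "~/components"` line appears in the diff for this file; confirm the import already exists in this page or add it, otherwise the MDX build fails. Also the component sits un-indented between list items 1 and 2; indent it three spaces under step 1 so the numbered list is not split into two lists.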
Expand All @@ -110,7 +113,10 @@ To renew the service token:

If you need to revoke access before the token expires, simply delete the token.

1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Service credentials** > **Service Tokens**.
1. In Cloudflare One, go to **Access controls** > **Service credentials** > **Service Tokens**.

<DashButton url="/?to=/:account/access/service-auth" zeroTrust />

2. **Delete** the token you need to revoke.

Services that rely on a deleted service token can no longer reach your application.
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ title: Active Directory (SAML)
description: Integrate Active Directory with Cloudflare One for secure identity management.
---

import { GlossaryTooltip } from "~/components";
import { GlossaryTooltip, DashButton } from "~/components";

:::caution
Microsoft recommends migrating your Active Directory Federation Service (AD FS) SSO to Microsoft Entra ID. For more information, refer to [Microsoft Learn](https://learn.microsoft.com/windows-server/identity/ad-fs/ad-fs-overview).
Expand Down Expand Up @@ -174,7 +174,9 @@ Set-ADFSRelyingPartyTrust -TargetName "Name of RPT Display Name" -SamlResponseSi

To enable Cloudflare One to accept the claims and assertions sent from AD FS, follow these steps:

1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
1. In Cloudflare One, go to **Integrations** > **Identity providers**.

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust />

2. Under **Your identity providers**, select **Add new identity provider**.

Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ pcx_content_type: how-to
title: AWS IAM (SAML)
---

import { DashButton } from "~/components";

AWS IAM Identity Center provides SSO identity management for users who interact with AWS resources (such as EC2 instances or S3 buckets). You can integrate AWS IAM with Cloudflare Zero Trust as a SAML identity provider, which allows users to authenticate to Zero Trust using their AWS credentials.

## Prerequisites
Expand Down Expand Up @@ -59,7 +61,9 @@ You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com)

16. Under **Assign users and groups**, add individuals and/or groups that should be allowed to login to Cloudflare One.

17. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
17. In Cloudflare One, go to **Integrations** > **Identity providers**.

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust />

18. Under **Your identity providers**, select **Add new identity provider**.

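
Review bot: the hunk header shows the surrounding context `You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com)` is left as a plain link in this file, while the Entra ID, Facebook, generic OIDC, generic SAML and GitHub pages in this same change rewrite that sentence to `To find your team name in Cloudflare One, go to **Settings** > **Team name**.` followed by `<DashButton url="/?to=/:account/settings" zeroTrust/>`; apply the same rewrite here for consistency.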
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ pcx_content_type: how-to
title: Amazon Cognito
---

import { DashButton } from "~/components";

Amazon Cognito provides SSO identity management for end users of web and mobile apps. You can integrate Amazon Cognito as an OIDC identity provider for Cloudflare One.

## Prerequisites
Expand Down Expand Up @@ -69,7 +71,9 @@ To retrieve those values:

### 2. Add Amazon Cognito as an identity provider

1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**.
1. In Cloudflare One, go to **Integrations** > **Identity providers**.

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust />

2. Under **Your identity providers**, select **Add new identity provider**.

Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ title: Centrify (SAML)
description: Learn how to integrate Centrify as a SAML identity provider with Cloudflare One.
---

import { DashButton } from "~/components";

Centrify secures access to infrastructure, DevOps, cloud, and other modern enterprise so you can prevent the number one cause of breaches: privileged access abuse.
## Set up Centrify as a SAML provider

Expand Down Expand Up @@ -61,7 +63,9 @@ Centrify secures access to infrastructure, DevOps, cloud, and other modern enter

### 2. Add Centrify to Cloudflare One

1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**.
1. In Cloudflare One, go to **Integrations** > **Identity providers**.

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust />

2. Under **Your identity providers**, select **Add new identity provider**.

Expand All @@ -75,7 +79,7 @@ Centrify secures access to infrastructure, DevOps, cloud, and other modern enter

7. Select **Save**.

To test that your connection is working, go to **Integrations** > **Identity providers** and select **Test** next to the identity provider you want to test.
To test that your connection is working: go to **Integrations** > **Identity providers** and select **Test** next to the identity provider you want to test.

## Download SP metadata (optional)

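
Review bot: the only change in this hunk swaps the comma for a colon in `To test that your connection is working: go to ...`, which is a grammatical regression (the colon does not introduce a clause here) and is unrelated to the DashButton migration; revert to the comma, or, if the intent was to turn it into steps, restructure it as a numbered list with a `<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust />` like the other hunks.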
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ pcx_content_type: how-to
title: Centrify
---

import { DashButton } from "~/components";

Centrify secures access to infrastructure, DevOps, cloud, and other modern enterprise so you can prevent the number one cause of breaches: privileged access abuse.

## Set up Centrify as an OIDC provider
Expand Down Expand Up @@ -58,7 +60,9 @@ Centrify secures access to infrastructure, DevOps, cloud, and other modern enter

### 2. Add Centrify to Cloudflare One

1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
1. In Cloudflare One, go to **Integrations** > **Identity providers**.

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust />

2. Under **Your identity providers**, select **Add new identity provider**.

Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ pcx_content_type: how-to
title: Citrix ADC (SAML)
---

import { DashButton } from "~/components";

Cloudflare One can integrate with Citrix ADC (formerly Citrix NetScaler ADC) as a SAML IdP. Documentation from Citrix shows you [how to configure Citrix ADC as a SAML IdP](https://docs.citrix.com/en-us/citrix-adc/12-1/aaa-tm/saml-authentication/citrix-adc-saml-idp.html). These steps are specific to Cloudflare One.

## Set up Citrix ADC (SAML)
Expand Down Expand Up @@ -67,7 +69,9 @@ To set up Citrix ADC (SAML) as your identity provider:
bind authentication vserver nsidp -policy samlPol_CloudflareAccess
```

3. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
3. In Cloudflare One, go to **Integrations** > **Identity providers**.

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust />

4. Under **Your identity providers**, select **Add new identity provider**.

Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ pcx_content_type: how-to
title: Microsoft Entra ID
---

import { Render, Tabs, TabItem, APIRequest } from "~/components";
import { Render, Tabs, TabItem, APIRequest, DashButton } from "~/components";

You can integrate Microsoft Entra ID (formerly Azure Active Directory) with Cloudflare One and build policies based on user identity and group membership. Users will authenticate to Cloudflare One using their Entra ID credentials.

Expand Down Expand Up @@ -35,7 +35,9 @@ To retrieve those values:
https://<your-team-name>.cloudflareaccess.com/cdn-cgi/access/callback
```

In [Cloudflare One](https://one.dash.cloudflare.com), go to **Settings** > **Team name** to find your team name.
To find your team name in Cloudflare One, go to **Settings** > **Team name**.

<DashButton url="/?to=/:account/settings" zeroTrust/>

![Registering an application in Azure](~/assets/images/cloudflare-one/identity/azure/name-app.png)

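
Review bot: `<DashButton url="/?to=/:account/settings" zeroTrust/>` omits the space before `/>`, and this file mixes both spellings (`zeroTrust/>` here and in the SCIM hunk, `zeroTrust />` in the two identity-provider hunks); both forms parse, but pick one across the PR so a formatter does not churn these lines later.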
Expand Down Expand Up @@ -90,7 +92,9 @@ More narrow permissions may be used, however this is the set of permissions that

<Tabs syncKey="dashPlusAPI"> <TabItem label="Dashboard">

1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
1. In Cloudflare One, go to **Integrations** > **Identity providers**.

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust />

2. Under **Your identity providers**, select **Add new identity provider**.

Expand Down Expand Up @@ -161,9 +165,10 @@ To receive an email claim in the `id_token` from Microsoft Entra, you must:

3. If you gave your email claim another name than `email`, you must update your configuration in Cloudflare One:

a. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers** > **Azure AD** > **Edit**.

b. Under **Optional configurations** > **Email claim**, enter the name of the claim representing your organization's email addresses.
1. In Cloudflare One, go to **Integrations** > **Identity providers**.
<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust />
2. Go to **Azure AD** > **Edit**.
3. Under **Optional configurations** > **Email claim**, enter the name of the claim representing your organization's email addresses.

#### Object ID

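
Review bot: the sub-steps added under step 3 are un-indented, so `1. In Cloudflare One, go to **Integrations** > **Identity providers**.` will render as a new top-level list rather than as sub-steps of step 3, and the `<DashButton ... zeroTrust />` on the very next line has neither the blank line nor the indentation used in the rest of this change. Indent the three items and the component three spaces under step 3 and surround the component with blank lines, matching the other hunks.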
Expand Down Expand Up @@ -225,7 +230,13 @@ To check which users and groups were synchronized, select **Provisioning logs**.

<Render file="access/verify-scim-provisioning" product="cloudflare-one" />

To monitor the exchange of identity details between Cloudflare Access and Microsoft Entra ID, go to [Cloudflare One](https://one.dash.cloudflare.com) > **Insights** > **Logs** > **SCIM provisioning logs** and view the [SCIM activity logs](/cloudflare-one/insights/logs/scim-logs/).
To monitor the exchange of identity details between Cloudflare Access and Microsoft Entra ID:

1. Go to Cloudflare One > **Insights** > **Logs** > **SCIM provisioning logs**

<DashButton url="/?to=/:account/logs/scim" zeroTrust/>

2. View the [SCIM activity logs](/cloudflare-one/insights/logs/scim-logs/).

### Provisioning attributes

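
Review bot: step 1 `Go to Cloudflare One > **Insights** > **Logs** > **SCIM provisioning logs**` lacks a terminal period, and step 2 `View the [SCIM activity logs](...)` is not a distinct action from step 1 (the button already lands the reader on that page), so the two-step list reads as padding; keep the original single sentence, `go to **Insights** > **Logs** > **SCIM provisioning logs** and view the [SCIM activity logs](/cloudflare-one/insights/logs/scim-logs/)`, followed by the `<DashButton url="/?to=/:account/logs/scim" zeroTrust/>`.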
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ pcx_content_type: how-to
title: Facebook
---

import { DashButton } from "~/components";

Use these steps to set up Facebook as your identity provider.

1. Go to [developers.facebook.com](https://developers.facebook.com/).
Expand Down Expand Up @@ -33,7 +35,9 @@ Use these steps to set up Facebook as your identity provider.

![Facebook Settings with App ID and App Secret highlighted](~/assets/images/cloudflare-one/identity/facebook/fb6.png)

14. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
14. In Cloudflare One, go to **Integrations** > **Identity providers**.

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust/>

15. Under **Your identity providers**, select **Add new identity provider**.

Expand All @@ -53,7 +57,9 @@ Use these steps to set up Facebook as your identity provider.
https://<your-team-name>.cloudflareaccess.com/cdn-cgi/access/callback
```

You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) under **Settings** > **Team name**.
To find your team name in Cloudflare One, go to **Settings** > **Team name**.

<DashButton url="/?to=/:account/settings" zeroTrust/>

22. Select **Save Changes**.

Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ sidebar:
order: 2
---

import { Tabs, TabItem, Render, APIRequest } from "~/components";
import { Tabs, TabItem, Render, APIRequest, DashButton } from "~/components";

Cloudflare Access has a generic OpenID Connect (OIDC) connector to help you integrate IdPs not already set in Access.

Expand All @@ -19,7 +19,9 @@ Cloudflare Access has a generic OpenID Connect (OIDC) connector to help you inte
https://<your-team-name>.cloudflareaccess.com/cdn-cgi/access/callback
```

You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) under **Settings** > **Team name**.
To find your team name in Cloudflare One, go to **Settings** > **Team name**.

<DashButton url="/?to=/:account/settings" zeroTrust/>

3. Copy the content of these fields:
- Client ID
Expand All @@ -34,7 +36,9 @@ Cloudflare Access has a generic OpenID Connect (OIDC) connector to help you inte

<Tabs syncKey="dashPlusAPI"> <TabItem label="Dashboard">

1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
1. In Cloudflare One, go to **Integrations** > **Identity providers**.

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust/>

2. Under **Your identity providers**, select **Add new identity provider**.

Expand Down Expand Up @@ -104,7 +108,7 @@ Make a `POST` request to the [Identity Providers](/api/resources/zero_trust/subr

## 3. Test the connection

To test that your connection is working, go to **Authentication** > **Login methods** and select **Test** next to the login method you want to test. On success, a confirmation screen displays.
To test that your connection is working, select **Test** next to the login method you want to test. On success, a confirmation screen displays.

## Synchronize users and groups

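
Review bot: dropping `go to **Authentication** > **Login methods**` leaves `To test that your connection is working, select **Test** next to the login method you want to test.` with no location for the reader; the Centrify (SAML) and GitHub pages in this change point to **Integrations** > **Identity providers**, so say that here as well and add the matching `<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust/>`.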
Expand Down Expand Up @@ -146,7 +150,10 @@ All OIDC IdP integrations support the use of custom OIDC claims. Once configured
To add a custom OIDC claim to an IdP integration:

1. In your identity provider, ensure that the custom claim is included in your OIDC ID token.
2. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
2. In Cloudflare One, go to **Integrations** > **Identity providers**.

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust/>

3. Under **Your identity providers**, find your identity provider and select **Edit**.
4. Under **OIDC Claims**, enter the name of your custom claim (for example, `oid`).
5. Select **Save**.
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ sidebar:
order: 2
---

import { Tabs, TabItem, Render } from "~/components";
import { Tabs, TabItem, Render, DashButton } from "~/components";

Cloudflare One integrates with any identity provider that supports SAML 2.0. If your identity provider is not listed in the integration list of login methods in Cloudflare One, it can be configured using SAML 2.0 (or OpenID if OIDC based). Generic SAML can also be used if you would like to pass additional SAML headers or claims for an IdP in the integration list.

Expand All @@ -28,7 +28,9 @@ The typical setup requirements are:
```txt
https://<your-team-name>.cloudflareaccess.com/cdn-cgi/access/callback
```
You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) under **Settings** > **Team name**.
To find your team name in Cloudflare One, go to **Settings** > **Team name**.

<DashButton url="/?to=/:account/settings" zeroTrust/>
3. Set the **Name ID/Email format** to `emailAddress`.
4. (Optional) Set the signature policy to _Always Sign_.

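
Review bot: the `<DashButton url="/?to=/:account/settings" zeroTrust/>` here is followed directly by `3. Set the **Name ID/Email format** to \`emailAddress\`.` with no blank line, and the team-name sentence before it follows the closing ``` fence with no blank line either; every other hunk in this change separates the component from the adjacent list items with blank lines. Add them (and indent the sentence and component under step 2) so the numbered list renders as intended.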
Expand All @@ -45,7 +47,10 @@ To download the SAML metadata file, copy-paste the metadata endpoint into a web

<Tabs syncKey="dashPlusAPI"> <TabItem label="Dashboard">

1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
1. In Cloudflare One, go to **Integrations** > **Identity providers**.

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust/>

2. Select **Add new identity provider** and select **SAML**.
3. Choose a descriptive name for your identity provider.
4. Enter the **Single Sign on URL**, **IdP Entity ID or Issuer URL**, and **Signing certificate** obtained from your identity provider.
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ pcx_content_type: how-to
title: GitHub
---

import { DashButton } from "~/components";

Cloudflare One allows your team to connect to your applications using their GitHub login. You do not need to have a GitHub organization to use the integration.

## Set up GitHub Access
Expand All @@ -23,7 +25,9 @@ To configure GitHub access in both GitHub and Cloudflare One:
https://<your-team-name>.cloudflareaccess.com
```

You can find your team name in [Cloudflare One](https://one.dash.cloudflare.com) by going to **Settings** > **Team name**.
To find your team name in Cloudflare One, go to **Settings** > **Team name**.

<DashButton url="/?to=/:account/settings" zeroTrust/>

6. In the GitHub **Authorization callback URL** field, enter the following URL:

Expand All @@ -35,7 +39,9 @@ To configure GitHub access in both GitHub and Cloudflare One:

8. Find the **Client ID** and **Client Secret**.

9. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**.
9. In Cloudflare One, go to **Integrations** > **Identity providers**.

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust/>

10. Select **Add new identity provider** and select **GitHub**.

Expand All @@ -45,7 +51,14 @@ To configure GitHub access in both GitHub and Cloudflare One:

13. Select **Save**.

To test that your connection is working, go to [Cloudflare One](https://one.dash.cloudflare.com) > **Integrations** > **Identity providers** and select **Test** next to your GitHub login method.
To test that your connection is working:

- Go to Cloudflare One > **Integrations** > **Identity providers**

<DashButton url="/?to=/:account/integrations/identity-providers" zeroTrust/>

- Select **Test** next to your GitHub login method.

If you have GitHub two-factor authentication enabled, you will need to first login to GitHub directly and return to Access.

## Example API Configuration
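
Review bot: the test instructions are rewritten as a `-` bullet list while every other procedure in this change (and steps 1-13 above in this file) uses numbered steps; the two actions are sequential, so number them, and add the missing period after `Go to Cloudflare One > **Integrations** > **Identity providers**`. The unchanged line below still reads `first login to GitHub`, where the verb is `log in`, worth fixing while here.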