Block anonymous traffic
at the edge
Authentication proxy powered by Cloudflare's global network. Add Google, GitHub, or Microsoft OAuth to any app — no code changes required.
Everything you need to protect your apps
AuthProxy handles authentication at the network edge, so you can focus on building.
Edge Blocking
Unauthenticated requests are blocked at Cloudflare's edge, before they ever reach your server. Reduce attack surface and save bandwidth.
Zero Code Changes
Add authentication to any HTTP service. No SDK, no library, no code changes. Works with any language or framework.
Identity Headers
User identity is passed to your app via trusted X-Auth-Email headers. Build personalized experiences without managing sessions.
Built-in CDN, WAF & SSL
Every site gets Cloudflare's CDN, DDoS protection, Web Application Firewall, and automatic SSL certificates. No extra setup.
Analytics & Visibility
Know who's accessing your apps, when, and from where. Analytics are built in from day one — no extra tools needed.
Basic analytics included free. Upgrade to Pro for the full picture:
Analytics
Organization-wide insights across all sites
Requests Over Time
Requests by Site
Top Users
Auth Provider Usage
Protect your app in minutes
Three simple steps to add authentication to any HTTP service.
Create a Site
Add your app in the dashboard. Get a unique subdomain like admin-acme.on.authproxy.app.
Configure Access
Set allowed email domains or specific addresses. Only authorized users can access your app.
Done!
Your app is protected. AuthProxy handles OAuth, sessions, and passes user identity to your backend.
Your users get a managed login page:
Sign in to Acme Admin
Authentication required to access this protected resource
Your server receives trusted identity headers:
// Headers received by your server
X-Auth-Email: [email protected]
X-Auth-Name: Alice Smith
X-Auth-ID: 123456789Simple, predictable pricing
No per-user fees. Start free, upgrade when you need more.
Free
- 5 protected sites
- 5 team members
- 10 end users
- Google, GitHub & Microsoft OAuth
- 90-day log retention
- Community support
Pro
- Unlimited sites
- Unlimited team members
- 100 end users
- All auth providers
- 90-day log retention
- Full analytics suite
- Email support
Enterprise
- Everything in Pro
- Custom feature development
- OIDC / SAML integration
- Additional auth providers
- Your priorities shape our roadmap
- Dedicated support
Powered by Cloudflare · AES-256 encryption · Global CDN (330+ PoPs) · DDoS protection · Auto TLS
How we compare
AuthProxy vs. the most popular self-hosted authentication proxy.
vs oauth2-proxy (self-hosted)
| Feature | AuthProxy | oauth2-proxy |
|---|---|---|
| Managed service (no ops) | ✓ | ✗ |
| Access logs with CSV export | ✓ | ✗ |
| Traffic analytics dashboard | ✓ | ✗ |
| Geographic & network insights | ✓ | ✗ |
| Built-in CDN, WAF & DDoS protection | ✓ | ✗ |
| Automatic SSL/TLS certificates | ✓ | ✗ |
| Multiple providers per site | ✓ | ✗ |
| High availability out of the box | ✓ | ✗ |
| Setup time | 5 minutes | 1+ hours |
| OAuth providers | Google, GitHub, Microsoft | 15+ providers |
| Security patches | Automatic | Manual |
| Session storage | Managed | Self-managed (Redis) |
| Self-hosted option | ✗ | ✓ |
| Generic OIDC support | ✗ | ✓ |
Ready to protect your applications?
Start for free. No credit card required. Protect your first site in under 5 minutes.