Subscribe to receive notifications of new posts:

Subscription confirmed. Thank you for subscribing!

Introducing Multi-User Organizations: Share An Account Without Sharing A Login

Loading...

An enterprise needs security and controls around access.

Your web developer needs to update your website’s logo and make sure it’s live immediately, but doesn’t need access to your SSL keys. Your sysadmin manages your DNS, but doesn’t need to see your visitor traffic. Your marketing team needs to see traffic, but shouldn’t have access to your WAF.

Today CloudFlare is introducing new Multi-User functionality so that many members of a team can work together to manage one CloudFlare account, each with different levels of access.

The Super Admin, and Role-Based Permissions

CloudFlare Multi-User accounts are hierarchical, with the root privileges given to the account’s Super Administrator. The Super Administrator can add or delete users in the organization, change the permissions given to each user, and see and edit all CloudFlare settings. If there is more than one Super Administrator, the Super Administrators can remove each other, which is good practice when an employee leaves the company or switches jobs.

When a user joins a multi-user organization on CloudFlare, they can only see and access the settings that a Super Admin has delegated to them. For example, a user added to the organization as a DNS Administrator would only be able to access the DNS app:

A user added to the organization as an Analytics Administrator would only be able to access analytics, but not see or change other settings:

Roles can be mixed and matched so that a team can customize the permissions for their needs.

Here is what a user sees that has both DNS and Analytics roles:

Multi-User and Two-Factor Authentication

Passwords are known to be weak, (try yours here: how quickly does it break?) but stronger methods of authentication such as two-factor authentication (2FA) typically don’t work when multiple people need to share access to a single account.

Over the past year, the world has witnessed many prominent corporate and government accounts compromised as a result of not using two-factor authentication. We’ve supported two-factor authentication for years, and we encourage everyone to turn it on. With Multi-User, any size organization can use 2FA for account security.

Beyond 2FA, Multi-User also provides each user with their own API key so that independent keys can easily be revoked and reissued.

Multi-User Rollout

Multi-User is an Enterprise-only feature and is already in use by large multinational organizations and governments. Starting today, Multi-User is available for all CloudFlare Enterprise customers. If you are an Enterprise customer who would like to have Multi-User enabled, contact your account manager. Not yet a customer? Contact our sales team.

This new functionality is only possible on the new CloudFlare dashboard that we are in the process of rolling out to all users this week

We protect entire corporate networks, help customers build Internet-scale applications efficiently, accelerate any website or Internet application, ward off DDoS attacks, keep hackers at bay, and can help you on your journey to Zero Trust.

Visit 1.1.1.1 from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.

Multi-User Dashboard 2FA Product News Security

Follow on Twitter

Dani Grant |@thedanigrant
Cloudflare |Cloudflare

Related Posts

September 30, 2022 2:00PM

Project A11Y: how we upgraded Cloudflare’s dashboard to adhere to industry accessibility standards

At Cloudflare, we believe the Internet should be accessible to everyone. And today, we’re happy to announce a more inclusive Cloudflare dashboard experience: adherence to the industry accessibility standards, including WCAG 2.1 AA and section 508 compliance....