Secure entry

Static shell, Worker authority.

Email OTP happens at the Cloudflare Access gate before this static page loads. The browser then asks the same-origin Worker to create an opaque app session with CSRF protection, without collecting another credential.

한국어 줄바꿈 확인日本語表示確認Keyboard first

Checking Access

Opening admin session

No credential, token, or Access claim is entered here. If Cloudflare Access accepted your OTP, the Worker can bind this browser to an app session automatically.

Checking Cloudflare Access and preparing the app session...