Woodard Digital - Zero Trust Access

Woodard Digital - Zero Trust Access Link to heading

Woodard Digital - Zero Trust Access is the identity-verification layer that Woodard Digital uses to protect its private web applications and internal tools. This page explains what the application does, why it requests sign-in through Google, and exactly what information it uses.


What this application does Link to heading

Woodard Digital hosts a number of private, self-managed applications and internal dashboards. Rather than exposing these tools directly to the public internet, they sit behind Cloudflare Zero Trust (Cloudflare Access).

Woodard Digital - Zero Trust Access is the OAuth application that lets Cloudflare Access confirm a visitor’s identity through Google before granting them entry to a protected resource. In plain terms: when you try to reach one of these private applications, you are asked to sign in, and this app checks that you are who you say you are. If your identity is on the approved list, you are let in. If not, you never reach the application at all.

The app is used solely for authentication and authorization — verifying identity and enforcing access policy. It does not read your email, your files, your contacts, or any other Google data.


What is Cloudflare Zero Trust? Link to heading

Traditional network security assumes that anything inside the “corporate network” can be trusted and everything outside is a threat. That model breaks down the moment you work from anywhere, use cloud apps, or host services on the open internet.

Zero Trust replaces “trust the network” with a simpler, stricter rule: never trust, always verify. Every request to reach a protected application must prove who is making it and whether they are allowed, every single time — regardless of where they are connecting from.

Cloudflare Zero Trust enforces this by placing a checkpoint in front of each protected application. Before any request reaches the actual service, Cloudflare:

  1. Identifies the user — through a trusted identity provider such as Google.
  2. Evaluates the access policy — is this specific person allowed to reach this specific application?
  3. Allows or blocks the request — only verified, authorized users ever reach the application; everyone else is stopped at the edge.

How I use it to secure applications Link to heading

Here is how Woodard Digital - Zero Trust Access fits into securing an application end to end:

  1. The application stays private. Protected apps are never published for anonymous public access. They are reachable only through Cloudflare’s network.

  2. Cloudflare Access sits in front. A visitor requesting a protected URL is intercepted by Cloudflare Access before the request ever reaches the underlying server.

  3. Identity is verified through Google. Cloudflare hands the visitor off to Google to sign in. This is where the “Woodard Digital - Zero Trust Access” OAuth app is used — it lets Cloudflare confirm the visitor’s basic identity (name and email address) from their Google account.

  4. Policy is enforced. Cloudflare checks the verified email against an allow-list of approved users, domains, or groups. Only matches are permitted through.

  5. Access is granted or denied. Approved users are seamlessly forwarded to the application. Everyone else is blocked at Cloudflare’s edge and never touches the protected service.

This gives every protected application strong, centrally-managed authentication without building custom login systems into each app.


What data this application uses Link to heading

To verify identity, the application relies on the minimum information Google provides during sign-in:

  • Name — to display who is signed in.
  • Email address — to match against the Cloudflare Access allow-list.

That is the extent of it. The application does not access, store, or process your Google messages, documents, calendar, contacts, or any other private data. It requests only the basic profile and email scopes needed to confirm identity for access control.

For details on how data is handled, see the Privacy Policy and Terms of Service.


Contact Link to heading

Questions about Woodard Digital - Zero Trust Access, or need access to a protected application? Reach out to Levi Woodard at [email protected].