End-User Login Experience — Zero Trust Demo

What an employee actually sees when accessing a Zero Trust protected app. Click Start to walk through it in real time.

The point: Zero Trust isn't supposed to be painful for users. The flow you're about to see is what your team experiences when they log in to any protected app — internal HR tool, financial system, code repo, whatever. Total time, end to end, is usually under 5 seconds. And after the first login, single sign-on kicks in and most of these steps disappear entirely.

Click "Start the flow" to see what your employees experience when they log in.

You're being verified

Cloudflare is checking your identity and device before letting you in.

Appfinance-portal.tarheel.us

RequiredCorporate IdP + posture check

NetworkAnywhere (no VPN required)

Sign in with Okta

Your company has chosen Okta as your identity provider

Password

••••••••••••

Verifying your device

Cloudflare checks that your device meets your company's security requirements before granting access.

OS up to date (macOS 14.0+)

Disk encryption enabled (FileVault)

EDR agent running (CrowdStrike)

Cloudflare One Client active

Acme Financial Portal

Welcome back, Mayah. Your last sign-in was 2 hours ago from your corporate MacBook.

📊 Daily trading dashboard — real-time market data, your team's positions, alerts.

💼 Client accounts (43 active) — quick search, recent activity, compliance flags.

📁 Documents — last quarterly report opened 2 days ago, 12 pending reviews.

✓ Verified via Cloudflare Zero Trust

What just happened (the demo narration): Mayah typed the app URL. Cloudflare intercepted the request, sent her to her corporate IdP for SSO, ran a posture check on her device without her seeing it as a separate step, then loaded the app. Total time: under 5 seconds. Identity verified. Device verified. Policy enforced. All before traffic ever hit the application. On her next visit today, SSO skips the password step entirely — she sees this flow once per day, not per app.