Zero Trust for SaaS: Deploying mTLS on custom hostnames

Cloudflare has introduced mutual TLS (mTLS) authentication support for its Access product, allowing SaaS providers to add an extra layer of security to their customers' domains. This feature is particularly useful for high-security services such as payment processors, where only authorized devices should be able to make requests. By using mTLS, SaaS providers can configure a Root CA for each customer and issue client certificates that will be installed on authorized devices. This ensures that requests bound for the API endpoint only come from valid devices and prevents unauthorized access. The feature is currently in Beta and available for Enterprise customers to use.