Skip to main content
All CollectionsHackingGateway - Hackers
Configure Client for a Specific Program
Configure Client for a Specific Program

Hackers: Configure your WARP Client for specific programs

Updated over 3 months ago

These guides assume you already have the WARP Client installed. If you don't, please go to our Warp Client Install document and follow the instructions there. To find the Cloudflare team name needed for this configuration, go to Profile > User Settings > Gateway.

Windows

  1. Go to Account preferences in the client, and click Login with Cloudflare for Teams.

  2. Fill in the team name and click OK:

  3. Login to the WARP authentication website (pops up automatically). Use your whitelisted "@wearehackerone.com" email address.

    1. Note: Please use your @wearehackerone.com alias.

  4. Authentication successful, register client into the program

  5. Click the "Open Cloudflare WARP" button

  6. Client changed

    1. The client should now display "Zero Trust" instead of "WARP"

macOS

  1. Go to Account preferences in the client.

  2. Click the Account tab, then click Login with Cloudflare Zero Trust.

  3. Fill in the team name and click Done:

  4. Login to the WARP authentication website (pops up automatically). Use your whitelisted "@wearehackerone.com" email address.

    Note: Please use your @wearehackerone.com alias.

  5. Authentication successful, register client into the program

  6. Click the "Open Cloudflare WARP" button

  7. Client changed

  8. The client should now display "Zero Trust" instead of "WARP"

Linux

  1. To connect for the very first time you must register first warp in your system. Register the client:

    warp-cli register

    Note: (Repeat in case of API error)

  2. Convert WARP to Zero Trust, by logging into the team domain:

    warp-cli teams-enroll [team-name]

  3. Navigate to the domain page, add your whitelisted e-mail address, get the one-pin, and connect

    A browser window should open at the following URL: https://[team-name].cloudflareaccess.com/warp If the browser fails to open, please visit the URL above directly in your browser.

    Note: Please use the same email you registered with HackerOne.

    1. CLI-only login Alternatively if you have CLI-only access you can:

      warp-cli teams-enroll [team-name]


      After this open the URL listed in the output on your local machine, or via a terminal-based browser. Then within 30 seconds of authenticating. Copy the token and use it in the terminal:

      warp-cli teams-enroll-token com.cloudflare.warp://[team-name].cloudflareaccess.com/auth?token=[token]

    2. If the timer runs out before you enter the token you will get the following error:

      Error: Invalid JWT provided.

  4. Connect the WARP Client

warp-cli connect warp-cli status -> Must show "Status update: Connected" warp-cli account -> will show if connecting to account was successful

Troubleshooting

Split Tunnel Policy

It is possible to check the split-tunnel policy from the client.

  1. In Settings, go to Advanced

  2. Click on the button Split Tunnel

The same is possible from the command line:

warp-cli settings

That will return something like:

Merged configuration: Always On: true Switch Locked: false Mode: WarpWithDnsOverHttps Cloudflare for Families: Off Disabled for Wifi: false Disabled for Ethernet: false Gateway Id: [gateway_id] Onboarding: true Include mode, with hosts/ips: ifconfig.me Fallback domains: home.arpa ...

Did this answer your question?