We are experimenting with Flexible Environment and we want to migrate an existing application. Everything seems to go well except from cron entries.

We have a bunch of cron and every url is secured as admin" (as stated in the documentation), but every time the url is hit by the cron service we get a 403 status, if the url is hit by the user via browser everything works well.

On standard environment everything is good.

Is there anything we can check about?

I assume you add login: admin in app.yaml handler section to secure cron service on Google App Engine standard environment.

But on App Engine flex, it changed how to secure your cron handlers like this (PHP example):

Check $_SERVER['HTTP_X_APPENGINE_CRON'] and if it's true, the requests are coming from App Engine cron service.