Disabling "Default IDP" for IFS public endpoint in IFS Cloud

Hi is it possible to block traffic to a particular endpoint in ifs cloud to deactivate in IFS cloud as we had in IFS 10. in ifs we could block the traffic to https://<host>/openid-connect-provider /*

Does it exist a similar endpoint in IFS Cloud. Seems like /auth is used to more than just the authetication process for the default IDP.

Kjell Åge

Page 1 / 1

@kjro the different endpoints in IFS Cloud are documented here: https://docs.ifs.com/techdocs/24r2/070_remote_deploy/090_exposing_to_internet/

and yes, in a general sense, you can whitelist traffic to only the endpoints that you want to be externally accessible.

I’m not an expert on the /auth endpoint itself, but I hope this gives you a way forward!

Best regards,

Rukmal

@Rukmal Fernando we have tested to block access to /auth but this is used for other things to in the solution.

Then the question is this endpoint only used for the internal IDP or is this used during Azure auth also?
auth/realms/<namespace>/protocol/openid-connect/auth?

Does it exist a more fin graded endpoint list /auth?

@kjro I’m unfortunately not an expert on the /auth endpoint. @subslk, @Mjaylk I think you can clarify this better :)

Best regards,

Rukmal

Reply

Did you find what you're looking for? If not:

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded