Skip to main content
Question

Disabling "Default IDP" for IFS public endpoint in IFS Cloud

  • November 14, 2024
  • 3 replies
  • 53 views
K
Sidekick (Partner)
Forum|alt.badge.img+7
  • kjro
  • Sidekick (Partner)
  • 43 replies

Hi is it possible to block traffic to a particular endpoint in ifs cloud to deactivate in IFS cloud as we had in IFS 10. in ifs we could block the traffic to https://<host>/openid-connect-provider/*

Does it exist a similar endpoint in IFS Cloud. Seems like /auth is used to more than just the authetication process for the default IDP.

 

Kjell Åge

3 replies

Rukmal Fernando
Superhero (Employee)
Forum|alt.badge.img+16
  • Rukmal Fernando
  • Superhero (Employee)
  • 381 replies
  • November 15, 2024

@kjro the different endpoints in IFS Cloud are documented here: https://docs.ifs.com/techdocs/24r2/070_remote_deploy/090_exposing_to_internet/

and yes, in a general sense, you can whitelist traffic to only the endpoints that you want to be externally accessible.

I’m not an expert on the /auth endpoint itself, but I hope this gives you a way forward!

Best regards,

Rukmal

K
Sidekick (Partner)
Forum|alt.badge.img+7
  • kjro
  • Author
  • Sidekick (Partner)
  • 43 replies
  • November 15, 2024

@Rukmal Fernando we have tested to block access to /auth but this is used for other things to in the solution. 

Then the question is this endpoint only used for the internal IDP or is this used during Azure auth also?
auth/realms/<namespace>/protocol/openid-connect/auth?

Does it exist a more fin graded endpoint list /auth? 

Rukmal Fernando
Superhero (Employee)
Forum|alt.badge.img+16
  • Rukmal Fernando
  • Superhero (Employee)
  • 381 replies
  • November 18, 2024

@kjro I’m unfortunately not an expert on the /auth endpoint. ​@subslk, ​@Mjaylk I think you can clarify this better :)

Best regards,

Rukmal

Reply


Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings