ifs cloud 23r1 application access

Question

Hi Team,We have IFS Cloud 23R1 application is hosted in IFS managed cloud, we need to restrict the application access to below users.case1: Shopfloor Users (Mostly contractors): will not have organization mail id and need access to IFS application from company network.Case2: Sales team(Employees): need access to IFS application within and outside the organization(possibly through SSO).case3: Business users(Employees): Need to restrict access to IFS application only from company provided device(can be within the company network or outside the company network).Case1: We can have basic authentication enabled for user who don’t have access to organization mail id. but how do we restrict them from accessing outside company network.Cas2:SSO can be enabled. whether IFS provides it’s own IDP  and MFA? or Is it only through external IDP?Case3: How do we restrict accessing from external device other than company provided laptops/desktops/mobile/tablets?Regards,GMS

a.hutchings · Answer

Hi GMS,The solution to all your cases would be setting up and external IDP with conditional access. If using office 365 / Entra ID:All Cases - Grant access to the application to only specific User groups & disable IFS local IDP for all users.Case1 - Additionally add the contractors as guest users to your tenant and add them to a group that grants access to the App RegistrationThen setup Conditional Access rules in the azure portal for the application based on the security groups and the specific application in question. These rules can include any combination of MFA, device compliance / ownership as required.

Did you find what you're looking for? If not:

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded