This article provides information about creating custom allowlists as required by your IdP.
Custom Allowlists enable you to define additional FQDNs or IP addresses required by your Identity Provider (IdP) during the authentication process. This is useful when your IdP uses external resources, such as scripts, stylesheets, or redirect URLs, that are not already included in Cato’s default allow list. You can configure entries using IP/mask or FQDN formats, and include single-level wildcards (e.g., *.example.com).
ABC company uses a third-party IdP that references additional external assets hosted on a content delivery network (CDN) like cdn.idp-example.com. While Cato automatically allows common IdP-related URLs, this custom domain isn’t included in the static allow list. To ensure a smooth login experience, you can add cdn.idp-example.com or *.idp-example.com to the Custom Allowlist, allowing users to authenticate without connection issues.
0 comments
Article is closed for comments.