A discussion arose about restricting access to ControlUp’s DEX portal, such as with a specific client certificate, IP address or Azure hybrid joined client machine. Using SAML could be a solution as the service provider can deny access if criteria are not met, and IP restrictions are said to be arriving in the early months of 2024. The DEX login method "azure login" does not have further possibilities, but SAML does.
Read the entire ‘Restricting Access to ControlUp DEX Portal’ thread below:
Hey all,
Is there a way to allow access to the DEX portal (or at least to EdgeDX Web portal) only from certain clients? E.g. only clients that have a specific client certificate installed or are Azure hybrid joined client machine. Or exclusively from certain IP addresses?
someone from controlup can confirm but as the portal is a public facing and not a unquie URL like solve i don’t think it can be restricted
For solve we have ip whitelisting @member is this also coming to dex?
in fact if you setup saml you can restrict this on your saml provider
but not the visablity of apps.controlup.com
if you have your saml setup to only allow auth from certain ip addresses they can’t login to app.controlup.com using that saml provider
they can open the page but not login
Nice idea. If the SAML service provider says "No, no access", that should satisfy the customer requirement. I think that helps.
also makes it easier for their security team to control it
but its the the asame as usig the AZURE login avalible in DEX
If SAML Idp is an Azure enterprise app, we should be able to setup Azure App to only allow certain clients, that meet certain criteria. I will have a look into this.
The DEX login method "azure login" has no further possibilties, I think, but SAML does
IP restrictions are on their way to DEX
Will be available early Q1 2024
Continue reading and comment on the thread ‘Restricting Access to ControlUp DEX Portal’. Not a member? Join Here!
Categories: All Archives, ControlUp DEX Platform, ControlUp Edge DX