Expose SecureAuth through custom domain
Expose SecureAuth through a custom domain using a customer-managed web application firewall (WAF), content delivery network (CDN), or custom proxy.
Note
Before you start setting up custom domains, reach out to SecureAuth support and choose one of the following solutions:
Configure WAF/CDN/ Custom proxy
Want to use custom domains?
If you want to use custom domains, contact the SecureAuth Sales Team.
To learn more about custom domains, see Custom domains overview.
Set up a proxy for the SecureAuth vanity domains endpoint. For example:
proxy_pass https://<VANITY_DOMAIN_ID>.vanity.<REGION>.authz.cloudentity.io;
Add the following HTTP headers to your proxied requests:
X-Acp-Domain-Key: <VANITY_DOMAIN_KEY>X-Forwarded-For– This header contains a comma-separated list of IP addresses for all proxies between the end user and SecureAuth, including the end user’s IP address.True-Client-IP– This header contains the real IP address of the end user.
Different reverse proxies
If you're using a reverse proxy other than nginx, configure your proxy according to the setup described for nginx above.
Vanity domain direct setup with SecureAuth
Create a CNAME DNS record (alias) on the vanity domain that points to your SecureAuth tenant URL.
For example:
authz.acme-org.com ---CNAME---> $TENANT_DOMAIN
Once your CNAME DNS record is set up, contact SecureAuth. With your CNAME set up, we are able to add a TLS certificate and configure SecureAuth SaaS platform to work with your domain. Once we finish, your custom domain is ready to be used.