Skip to main content

Exposing Cloudentity Through Custom Domain

Expose Cloudentity through a custom domain behind a customer-managed web application firewall (WAF), content deliver network (CDN), or custom proxy.

Note

Before you start setting up custom domains, reach out to Cloudentity support and choose one of the below solutions:

Configure WAF/CDN/Custom Proxy

Want to use Custom Domains?

If you want to use custom domains, contact Cloudentity Sales Team.

You can learn more about the topic by reading the Custom Domains Overview.

  1. Set up proxy for the Cloudentity vanity domains endpoint.

    proxy_pass https://<VANITY_DOMAIN_ID>.vanity.<REGION>.authz.cloudentity.io;               
  2. Add the following HTTP headers to your proxied requests:

    • X-Acp-Domain-Key: <VANITY_DOMAIN_KEY>

    • X-Forwarded-For - this header contains a comma-separated list of IP addresses of all proxies between the end user and Cloudentity (including the end user’s IP address).

    • True-Client-IP - this header contains the real IP address of the end user.

    Different reverse proxies

    If you are using a reverse proxy different than nginx, set up your proxy in the way corresponding to the nginx configuration shown above.

Vanity Domain Direct Setup with Cloudentity

Set a CNAME DNS record (alias) on the vanity domain pointing to your Cloudentity tenant URL.

Example:

authz.acme-org.com ---CNAME---> $TENANT_DOMAIN         

Once your CNAME DNS record is set up, let Cloudentity support know, and we will do the rest for you. With your CNAME set up, we are able to add a TLS certificate and configure Cloudentity SaaS platform to work with your domain. Once we finish, your custom domain is ready to be used.