Exposing Cloudentity Through Custom Domain
Expose Cloudentity through a custom domain behind a customer-managed web application firewall (WAF), content deliver network (CDN), or custom proxy.
Note
Before you start setting up custom domains, reach out to Cloudentity support and choose one of the below solutions:
Configure WAF/CDN/Custom Proxy
Want to use Custom Domains?
If you want to use custom domains, contact Cloudentity Sales Team.
You can learn more about the topic by reading the Custom Domains Overview.
Set up proxy for the Cloudentity vanity domains endpoint.
proxy_pass https://<VANITY_DOMAIN_ID>.vanity.<REGION>.authz.cloudentity.io;
Add the following HTTP headers to your proxied requests:
X-Acp-Domain-Key: <VANITY_DOMAIN_KEY>
X-Forwarded-For
- this header contains a comma-separated list of IP addresses of all proxies between the end user and Cloudentity (including the end user’s IP address).True-Client-IP
- this header contains the real IP address of the end user.
Different reverse proxies
If you are using a reverse proxy different than nginx, set up your proxy in the way corresponding to the nginx configuration shown above.
Vanity Domain Direct Setup with Cloudentity
Set a CNAME
DNS record (alias) on the vanity domain pointing to your Cloudentity tenant URL.
Example:
authz.acme-org.com ---CNAME---> $TENANT_DOMAIN
Once your CNAME
DNS record is set up, let Cloudentity support know, and we will do the rest for you. With your CNAME set up, we are able to add a TLS certificate and configure Cloudentity SaaS platform to work with your domain. Once we finish, your custom domain is ready to be used.