0

Axiom authentication

Forum / Questions & Answers

I'm looking for a way to disable "Active Directory" login on the Axiom web interface(for Internet security), but leave the option available on the server for the "Canary Admin" application.

Is it possible?

3 replies

null
    • smason
    • 6 mths ago
    • Reported - view

    Hi ,

    You should be able to accomplish this through Identity Provider Routing.

      • choyle
      • 6 mths ago
      • Reported - view

       Thanks, Steve.  I can make that work to suit our needs. 馃憤

    • choyle
    • 6 hrs ago
    • Reported - view

    We had it working for months, and then it recently stopped.  might have coincided with the upgrade to v25.5, but I'm not certain.

    The pattern should match just one source IP address, but now *any* connection from other sources are getting Entra only, not AD auth.

     

      "IdentityProviderRoutes": [
        {
          "IpAddressRegex": "^(::ffff:)?10\\.10\\.125\\.1$",
          "ProviderNameRegex": "(entra)"
        },
        {
          "IpAddressRegex": null,
          "ProviderNameRegex": "(Active Directory|entra)"
        }
      ],

Login to reply

Content aside

print this pagePrint this page
  • Status Answered
  • 6 hrs agoLast active
  • 3Replies
  • 83Views
  • 2 Following