Reference

Tenant Access Control List (ACL) supports advanced customization through configuration of various settings. Refer to the sections below to learn more about available options.

Signals

ipv4_cidrs

string[]

List of IPv4 addresses or CIDR ranges.

ipv6_cidrs

string[]

List of IPv6 addresses or CIDR ranges.

geo_country_code

string

ISO 3166-1 alpha-2 country code.

geo_subdivision_code

string

ISO 3166-2 subdivision code.

ja_fingerprint

string

TSL client fingerprint.

user_agent

string

Client device or browser.

Conditions

match

object

Returns successful if the provided signal and any of the provided values are equivalent.

not_match

object

Returns successful if the provided signal and none of the provided values are equivalent.

Actions

allow

boolean

Allows traffic to pass through unaffected.

block

boolean

Blocks traffic from accessing specified scopes.

redirect

boolean

Redirects traffic to a provided location.

redirect_uri

string

URI to redirect traffic to.

log

boolean

Monitoring mode. No action is taken, but results are included in the Tenant ACL log event.

Scopes

tenant

Enforces Tenant ACL for both management and authentication scopes.

management

Enforces Tenant ACL for requests sent to {yourDomain}/api/v2/\*} and {yourDomain}/scim/\*}.

authentication

Enforces Tenant ACL for requests sent to anywhere not covered in management scope.

Protect Your Application

Protect Your Tenant

Compliance

Reference

Signals

Conditions

Actions

Scopes

Protect Your Application

Protect Your Tenant

Compliance

​Signals

​Conditions

​Actions

​Scopes

Signals

Conditions

Actions

Scopes