Enforce SAML Authentication from Trusted IP Addresses
Focus
Focus
GlobalProtect

Enforce SAML Authentication from Trusted IP Addresses

Table of Contents

Enforce SAML Authentication from Trusted IP Addresses

You can enforce SAML authentication to succeed only if the authorization request comes from trusted IP addresses.
Where Can I Use This?What Do I Need?
  • GlobalProtect embedded browser
  • GlobalProtect app 6.3.3 and later
  • Windows endpoints
You can enforce SAML authentication to succeed only if the authorization request comes from trusted IP addresses. Users authenticating from untrusted IP addresses cannot access the Prisma Access portal or gateway. In order for this to work, you can specify either a proxy server or Proxy Auto-Configuration (PAC) file via the predeployment parameter SAMLAUTHPROXY. For more information about the parameter, see.App Behavior Options.