Skip to main content

Hi all - we have configured browser access for a private app. Everything works fine with the authentication flow with our IdP into the private app through the normal reverse proxy public host URL.

 

We have set the CNAME of a custom host to revert to the public host URL. When we go to the custom host URL, it goes into a loop where it authenticates fine then tries to resolve to the custom host (not the public host reverse proxy URL) and creates an indefinite loop (IdP → netskope SAML → IdP). We confirmed with the SAML tracer that it indeed keeps resolving to the custom host URL and not the public host URL as intended.

 

Anyone had the issue and hot to resolve it?

@ChrisG

It appears that something might be misconfigured or an incorrect behavior on the Netskope side.  I’d suggest opening a case with the SAML tracer and HAR capture attached.  Please DM me the case number once opened and I’m happy to take a look.   We will need to validate the SAML and DNS configs. 

Thank you. 


Reply