Configuring applications for dual access with PingAccess for Azure AD
Configure applications for secure access both from inside and outside the network.
Steps
-
Configure an application for secure external access using Microsoft Entra ID (formerly Microsoft Azure AD) and PingAccess for Azure AD.
-
Ensure that the application is functioning as expected by signing on using the application’s external Uniform Resource Locator (URL).
Example:
For example, http://app-tenant.msappproxy.net/.
-
In PingAccess, create a new virtual host that maps to the PingAccess host.
Example:
For example,
<PingAccessServerName>:3000
. -
Assign the new virtual host to the application in addition to the virtual host specified for Microsoft Entra ID access.
-
In Microsoft Entra ID, go to the App Registrations window and select the application.
-
Click Reply URLs and add the internal PingAccess reply URL.
Example:
For example,
<PingAccessServerName>:3000/pa/oidc/cb
.If you have the Use context root as reserved resource base path check box enabled on your PingAccess application, enter the application’s context root before the reserved application context root.
Using the previous example, the reply URL would be
<PingAccessServerName>:3000/myApp/pa/oidc/cb
if your application had a context root ofmyApp
. -
Save the changes and test the configuration by signing on using the application’s local URL.