Remote proxy security best practices
When you configure a remote proxy, follow these security best practices to protect your tenants and data:
-
Use granular permissions: Don’t grant full admin rights unless necessary.
-
Rotate credentials regularly: Update OAuth 2.0 client secrets periodically.
-
Use SSL/TLS: Always use HTTPS in production.
-
Enable audit logging: Enable audit logs on both originating and receiving tenants.
-
Apply least privilege: Grant only the minimum required roles.
-
Use service accounts: Use dedicated service accounts, not personal accounts.
-
Manage secrets securely: Store credentials in a vault, not in source code.