PingOne Advanced Identity Cloud

Remote proxy security best practices

When you configure a remote proxy, follow these security best practices to protect your tenants and data:

  • Use granular permissions: Don’t grant full admin rights unless necessary.

  • Rotate credentials regularly: Update OAuth 2.0 client secrets periodically.

  • Use SSL/TLS: Always use HTTPS in production.

  • Enable audit logging: Enable audit logs on both originating and receiving tenants.

  • Apply least privilege: Grant only the minimum required roles.

  • Use service accounts: Use dedicated service accounts, not personal accounts.

  • Manage secrets securely: Store credentials in a vault, not in source code.