Manage trusted domains

Trusted domains specify the set of domains to which Access Gateway allows redirects.
When trusted domains are enabled, attempts to hijack redirects are blocked and only known, trusted sites are allowed as redirect targets.

Note: The Okta console uses the term Trusted origin; the Access Gateway Management console uses the term Trusted domain.

During this task you will:

Trusted domains are enabled by default in Access Gateway deployments of v2020.8.3 and later.
Trusted domains are disabled by default when upgrading from earlier versions to maintain existing system behavior.

Enable/Disable trusted domains

To enable or disable trusted domains:

  1. Select 1 at the main menu to enter the Access Gateway Network Setup sub-menu.

  2. Select 9 from the network menu. The Manage Trusted Domains sub-menu is displayed and resembles:
    Manage Trusted Domains (status: Enabled/Disabled) 
    1 - Enable/Disable trusted domain 
    2 - View trust domains
    x - Exit
    
  3. Enter 1 to toggle the Enable/Disable trusted domains setting.
    The Manage Trusted Domains menu is redisplayed, showing the current status for trusted domains.

View trusted domains

  1. Select 1 at the main menu to enter the Access Gateway Network Setup sub-menu.
  2. Select 9 from the network menu. The Manage Trusted Domains sub-menu is displayed.
  3. Enter 2 to view trusted domains. The current set of trusted domains is displayed and resembles:
      UP/DOWN/HOME/END - scroll list   x - exit
      trusted-one.domain.com
      trusted-two.domain.com
      . . . 
      trusted-n.domain.com
      . . . 

      When trusted domains are disabled, the view option is still present but displays a warning if you attempt to view trusted domains.

  4. Enter x to exit the display.
      The Manage Trusted Domains menu is displayed, showing the current status for trusted domains.

View trusted domains using the Okta console

  • Trusted domains are synchronized with your Okta tenant. To view trusted domains in your Okta tenant:
    1. Sign in to your Okta tenant as an Admin.
    2. (missing or bad snippet)
    3. Select the Trusted origins tab.
  • Trusted domains include the private domains of all applications, as listed in the Protected Web Resource field.

    All application domains are synchronized with your Okta tenant as applications are added.
    Protocol and path information is not part of the domain.
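
The following added example is an illustration, not Access Gateway code. It shows how a redirect target can be checked against a list of trusted domains by comparing only the host, since protocol and path information is not part of the domain. The domain list, function names, exact-match rule and http/https restriction are assumptions made for the example.

```python
from urllib.parse import urlsplit

# Constructed sample list, mirroring the host-only entries of the view screen.
TRUSTED_DOMAINS = {"trusted-one.domain.com", "trusted-two.domain.com"}


def redirect_host(url):
    """Return the lowercased host of an absolute http(s) URL, or None."""
    # Backslashes, spaces and control characters are interpreted differently
    # by browsers and URL libraries, so refuse them instead of guessing.
    if "\\" in url or any(ord(c) < 0x21 for c in url):
        return None
    try:
        parts = urlsplit(url)
        # .hostname drops any "user@" prefix and ":port" suffix.
        host = parts.hostname
    except ValueError:
        return None
    # Assumption: only absolute http/https targets are acceptable redirects.
    if parts.scheme not in ("http", "https") or not host:
        return None
    return host


def is_trusted_redirect(url, trusted=TRUSTED_DOMAINS):
    """Allow a redirect only when its host exactly matches a trusted domain."""
    host = redirect_host(url)
    return host is not None and host in {d.lower() for d in trusted}


# Constructed sample URLs: (candidate redirect target, expected decision).
SAMPLES = [
    ("https://trusted-one.domain.com/app/home?x=1", True),   # path ignored
    ("http://TRUSTED-TWO.domain.com:8443/", True),           # case, port ignored
    ("https://trusted-one.domain.com.untrusted.example/", False),  # look-alike suffix
    ("https://trusted-one.domain.com@untrusted.example/", False),  # userinfo, real host differs
    ("https://untrusted.example/?next=trusted-one.domain.com", False),
    ("//untrusted.example/login", False),                    # scheme-relative
    ("ftp://trusted-one.domain.com/", False),                # scheme not allowed
]

if __name__ == "__main__":
    for url, _ in SAMPLES:
        print("ALLOW" if is_trusted_redirect(url) else "BLOCK", url)
```

The comparison is an exact host match, so a look-alike name that merely contains a trusted domain is blocked.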


Related topics

About trusted domains

See the Manage Trusted Domains subsection in the Network section of the Access Gateway Management Console reference.