Alpha has D360 embedded and will access the platform via SSO. Alpha is a single URL that our clients will access, they will then be routed and SSO into the correct URL for the specific clients D360 instance. However there is a (small) risk that once signed in to Alpha and a trust token established that they could get routed to the wrong D360 environment. To eliminate this we would like to have a domain whitelist for each D360 install. So a Bank of America user having logged into alpha will not get access to allianz D360 environment because the BOA.com domain is NOT set up within the Allianz D360 app
For the domain whitelist, are you looking at it in the sense of CORS ( Cross-origin Resource Sharing ) requests or the domain of users where only users with an "@abc.com" account can access? Govern can already achieve the latter by having SSO setup top per environment so that only users from that particular organization's SSO can access without needing to maintain domain lists.
For tracking purposes, a ticket has been opened with DEV for further review of this request ( Reference : GOV-17306 ).
<x-zendesk-user data-user-name="Matthew Kennedy">365021275188</x-zendesk-user>
Any update on this enhancement as we need to have it in place for our May 31st deploy of our portal
<x-zendesk-user data-user-name="Patrick Egan">1502749014881</x-zendesk-user> Hi Pat! This is coming Friday to Dev/UAT, next week. Hopefully you received the Announcement today. That has a link to the release notes.