Restrict access to the Outlook Anywhere mapping

To secure the back-end server, the Outlook Anywhere mapping has to be restricted to authenticated users only.

Procedure-related prerequisites

  • Configuration takes place in Airlock Gateway.
  • You must be logged in as an admin in the Airlock Gateway Configuration Center.


  1. Go to: Application Firewall >> Reverse Proxy.
  2. Edit all the mappings listed below and apply the changes described underneath:
    • -Exchange Autodiscover
    • -Exchange EWS
    • -Exchange MAPI
    • -Exchange OAB
    • -Exchange Outlook Anywhere
  3. Change to the Access tab.
  4. Enter the role under Access restrictions >> Restricted to Roles.
    • Restricted to Roles: exchange

    This role is set by Airlock IAM after successful authentication.

  5. Select Authentication flow One-Shot.
  6. Configure Denied access URL to /auth/login-oneshot
  7. Under Credential Propagation >> SSO credential propagation, select Basic-Auth.
  8. Enable the checkbox Credential mandatory.