Airlock Gateway (WAF) target application/service mapping configuration

This is about the mapping of the protected target application / service (and not about the Airlock IAM mapping).

The following form fields need to be configured to activate one-shot authentication flow on a Airlock Gateway (WAF) mapping (main mapping tab):

In the "Access" area:

  • set "Denied access URL" to e.g. /auth/login-oneshot
  • Restricted to Roles: Restrict access to the desired role(s): e.g. serviceAbc
  • Authentication flow: choose One-Shot

In the "Application" area:

Check if the application requires session handling. If not, "session handling" can be set to Sessionless.

63970074.png