This article helps you to configure a new HTTP-based application in the Safous ZTA environment
To create an HTTP-based application, you need administrator privileges to configure your environment, including adding applications. Please refer to the following knowledge base articles about the access: Login to Admin Portal
Steps to create an HTTP-based application:
- Go to the Settings tab > ZTNA.
- In Applications, choose Applications.
- Click New Application, then fill in the fields as follows:
(1) Name: Enter a unique name for the application (this is a required field).
(2) Application Address/FQDN/Hostname: Provide the address of your internal business app using IP format (e.g., 192.168.1.100), FQDN (e.g., app1.coba.lan), or hostname (e.g., app1).
(3) Site: This is optional. You can leave it as "all" for a single-site deployment, but for a multisite deployment, it's recommended to choose the correct site based on the application location.
(4) Access URL: This will be automatically created based on the application name, but you can customize the subdomain if desired.
(5) Toggle Visible: By default, this is enabled. If disabled, the app will not appear in the user portal.
(6) Icon: You can customize it by uploading a suitable icon.
(7) Protocols: Ensure this is set to "HTTP".
(8) Port: By default, this will use the standard HTTP port (80), but you can change it if needed.
(9) URL Path: Is optional and only used when you want to change the root/home directory (e.g /wp-admin).
(10) HTTP/S Translate Settings: Enable these options to translate HTTP/S header/body/query parameter to/from the target application;
- Request Body, translate from Access URL to Application Address.
- Request Header, translate from Access URL to Application Address.
- Request Query Parameter, translate from Access URL to Application Address.
- Response Body, translate from Application Address to Access URL.
- Response Header, translate from Application Address to Access URL.
(11) Custom Headers: Configure this option to enable custom request header to the Application Address, or custom response header from the Application Address.
(12) Single Sign-On Settings: is optional and can only be used with the user portal, you can leave it as None (no SSO), or set it to Basic with the options below:
- User logon credentials, can be used if the user's credential for the user portal is registered as the server's credential.
- Prompt user and store in personal vault, it will only ask for the password the first time the user login and then the credential will be saved in the user's Personal Vault.
- Assign secret from vault, can be used after you store a password in the Vault system.
(13) Category is optional, just to make a more organized application type tag, which will use the uncategorized tag by default. For more information, please find in the following article: [ZTA] Applications/Category
(14) Set up Policies to be applied to the application.
- Status: Set the status of the policy. Toggle on to enable, toggle off to disable.
- Accounts: Define the entities that should be applied to the policy.
- Condition: Select the access condition that should apply to the policy from the list of available conditions.
- Action: Select the configuration that should apply to the policy for the application based on its protocol from the list of available actions. More information about action can be found in this article: [ZTA] Policies/Actions
Once all the fields have been filled out, click Save.