[Feature Request] Enable/Expose the SharedSecret feature of Basic Authentication
#890
BenDuguid-MRM
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Issue description
Within the Cloud Portal, it's possible to configure most of the full Basic Authentication settings from the main Umbraco CMS, however you can't access/expose the Shared Secret settings.
We use Basic Auth to provide a layer of security of our non-production environments, with the IP Address features allowing simple passthrough for our internal teams, and user access for external users who should have access.
We have some additional security tools that we need to run over these environments prior to release that use a wide range of additional, rotating IP addresses, and would like to make use of the Shared Secret Header|Value pair to allow these services to access the environment without opening up the sites further.
Recommendation:
Expose the Shared Secret header name and value, either as "per project/environment" settings on the "Public Access" page. This could be read only if you're using already for monitoring, health checks, etc. when sites are secured this way, or as a configurable setting.
Beta Was this translation helpful? Give feedback.
All reactions