Hi there!
In order to use PB also as TOTP-Provider, I need to ensure that our employees can reach the server from their mobile phone.
We weren’t able to set up VPN on the phones for still unknown reason, so VPN is not an option.
I tried to access PB through MS Entra Application Proxy, but I’m only receiving an empty page.
I think as the external and internal URL are different.
Can anyone point out, what to change that PB ist reacting to requests on <hostname.internaldomain> and https://passbolt-tenantname.msappproxy.net/ ?
Hello @bjadowi!
If I’m not mistaken, Passbolt can only be accessed with one domain address, so you’ll need the same one for both cases and not use an internal and external one.
This is because the extension and the server verify the domain to ensure the connection isn’t compromised, for example, by a MITM attack.
Would it be possible for you to use only the MS Entra proxy address? I understand you need to control access through authentication, and that’s why you’re using that platform.
However, if you don’t require authentication beyond Passbolt, perhaps a Cloudflare tunnel or similar would be easier for you to provide internet access and allow access from anywhere.