Netskope has an authentication module that integrates with an Identity Provider (IdP) to verify a cookie can be accepted as an alternative to repeatedly and explicitly authenticating a user.
Netskope’s Auth Integration feature is a mode of Netskope’s reverse proxy. This feature acts as an authentication module taking Netskope’s framework and an IdP’s auth assertion after authentication and rewrites and redirects all traffic back to the user through our reverse proxy. The Netskope reverse proxy acts as a secure hand-off of all browser app sessions.
The following diagram shows the workflow. The left-side diagram shows the hand-off without the Netskope integration. The right-side diagram shows the hand-off with the Netskope integration.
You can enable this feature in the UI by going to Settings > Security Cloud Platform > Auth Integration.
Unmanaged devices not going through Netskope can still be managed by enabling the secure hand-off between the unmanaged device and the cloud using your own IdP.
The Auth Integration page controls and lists your active keys. Clicking the Add Key button automatically generates and lists a new key.
The following table lists and describes the page.
|Version||Your unique key version number. Each key has a unique version number. The version numbers may appear out of order because the same version number is not used again if a key is deleted.|
|Key||This is the unique auto-generated key for your tenant. Netskope supports any number of keys. This is helpful so you are always covered with an active key.|
|URL||The unique URL that is tied to your Auth Integration key and tenant. This URL is used to access Netskope’s reverse proxy. The format is |
|Timestamp||The user’s email that generated the key and the time at which the key was added.|
|Add Key||Click this button to automatically generate a key.|