Netskope Help

Private App Management

The following sections explain how to create and steer Private Apps.

Specify a Private App for the Publisher to steer. A message appears on the Private Apps App Definition page when you're approaching the maximum limit. You can contact Support to increase the limit.

  1. Go to Settings > Security Cloud Platform > App Definition and click Private Apps.

  2. Click New Private App.

  3. Enter a meaningful app name in the Application Name field (like jira).

  4. Enter the Host domain in the Host field (like The Host field supports the following syntax: Host ( Up to 32 hosts can be added.


    Using a hostname is recommended. If an app needs to be accessible by hostname and IP address, enter each separately using the Add button.

  5. Enter the app TCP or UDP port, port range, or ports and port ranges. For example:

    • Enter a specific port: 80

    • Enter a specific port range: 1024-2048

    • Enter ports and port range(s): 22,80,443,1024-2048

  6. Click in the Publisher text field and select one or more Publishers from the dropdown list.


    For high-availability, add multiple publishers for each private app. Up to 16 Publishers can be used per app.

  7. To have the Netskope Client send DNS requests for the specified hosts to the configured Publishers, enable the Use Publisher DNS toggle.

  8. Click Save.

Connecting the private app to the publisher may take several minutes. Make sure that you see the green icon GreenCheckIcon.pngfor this private app before proceeding. If the badge is red, use the Troubleshooter feature or check your firewall rules before proceeding.


When a user has access to a private app on different tenants using Netskope-encoded private app URLs from the same browser, then after accessing the private app on one tenant, a user will need to clear the cookies from the browser before being able to access the private app on a different tenant.

Troubleshoot a Private App

To troubleshoot a private app:

  1. Click Troubleshoot on the Private Apps page.

  2. Select an option for these settings:

    • Private App: Select an app from the dropdown list.

    • User and Device: Search for and select a user and device, or select one or more from the list.

  3. Click Troubleshoot. If the configuration is not correct, the troubleshooter will show what is not configured properly.


    When the configuration is correct, the Troubleshooter will show all is working.


For more information about troubleshooting, refer to the Private Access Troubleshooting .

To steer traffic for private apps, you can add users or create a steering configuration that specifies an Organizational Unit (OU) or User Group.

OUs or User Groups are specified in the Real-time Protection policy that grants access to private apps.

If you do not already have a steering configuration that specifies the Organization Unit (OU) or User Group you want to steer to a private apps, follow these steps.

If you already have such a steering configuration, you can simply enable private apps for that steering configuration. For more details, refer to Change Steering Configurations to Include Private Apps.

  1. Go to Settings > Security Cloud Platform > Steering Configuration and click Create a New Configuration.

  2. In the New Configuration dialog box, enter and select the following settings:

    • Configuration Name: Enter a meaningful name for this steering configuration.

    • Applies To: Choose either an OU or User Group. The dropdown/search field allows you to select and search for an OU or User Group.

    • Traffic: Select Cloud Apps Only or All Web Traffic.

    • Status: Change to Enabled.

    • Private Apps: Change to Steer All Private Apps.

  3. Click Save.

To update a steering configuration for private apps, follow these steps:

  1. Go to Settings > Security Cloud Platform > Steering Configuration. Complete the following steps for each steering configuration that you want to steer to private apps. There are two methods:

    • If you have just one Default steering configuration, you can use the Edit button in the top right corner.

    • If you have multiple steering configurations, click the MenuIcon.png icon on the right side of each configuration and select Edit Configuration.

  2. For Private Apps, change to Steer All Private Apps.

  3. Click Done.