tencent cloud

Feedback

Overview

Last updated: 2024-11-06 18:01:38
    Identity Aware Platform (IAP) enables you to establish a central authentication layer for resources accessed through HTTPS. When IAP is enabled, only users with permissions can access the resources requested through HTTPS, while users without permissions cannot access them.

    How It Works

    If a resource is protected by IAP, it can be accessed only by users with the correct Cloud Access Management (CAM) permissions. If a user tries to access a resource protected by IAP, IAP will perform identity verification and authorization checks.
    Identity Recognition
    Requests for accessing Tencent Cloud resources are passed in through HTTP(S) CLB. The backend service will check whether the application has enabled IAP. If IAP is enabled, the relevant information of the protected resources will be sent to the IAP server. Therefore, the request header contains the information such as request URL and IAP credentials.
    When IAP checks a user's identity credentials, the user will be redirected to the OIDC SSO process for login with the IdP enterprise identity.
    After the enterprise identity verification is passed, IAP will check the user's CAM identity. If the user identity recognition succeeds, IAP will perform authentication in the next step.
    Authentication
    After the identity recognition is completed, IAP will check through CAM policies whether the user has permissions to access the requested resource.
    
    
    

    Features

    Identity Verification and Authentication
    You can use IAP to perform user identity verification and authentication for protected resources.
    Enhanced Security
    Administrators can specify user identities and resources to develop and implement elaborate access control policies.
    Simplified Work
    You can access IAP-protected applications by entering a URL accessible from the Internet in a web browser, without using a VPN client.
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support