Add a Website
Last modified on August 10, 2022
A website resource in strongDM is the combination of an IP/DNS address and authentication information used to connect to a web-based resource, such as a Redash or Grafana dashboard.
Currently, strongDM supports websites with no authentication, basic HTTP authentication, or header-based authentication. Interactive logins and websites secured with SSO are not supported.
Resource Configuration
- Display Name (Required): Enter a meaningful name for this resource. This name displays throughout strongDM. Do not include special characters like quotes (") or angle brackets (< or >).
- Auth Type (Required): Select HTTP, HTTP Basic Auth, or HTTP Custom Auth. Find a description for each in the Auth Types section.
- Base URL (Required): Enter a base address and port for the website you wish to add as a resource. For example, use
http://dashboard.strongdm.com:9021. - HTTP Subdomain (Required): Be sure to input URL safe characters; this string is used as your local DNS address. For example,
app-prod1would turn intohttp://app-prod1.production111.sdm.network/. The subdomain entered must be unique. - Default Path (Optional): This path serves as the starting page when accessing the resource. For example, set
/_plugins/kibana. - Healthcheck Path (Optional): Change the healthcheck from the default
/to a more specific URL. The path provided should return a healthy status code, such as200. - Headers exclusion (Optional): By default, the logs in strongDM include all of the headers passed to the website. If you wish to exclude any headers from logging, you may enter them here.
Auth Types
The “HTTP” in the names of each auth type is a only part of the descriptor of the authentication type. Website resources that are protected by SSL (HTTPS) are also supported.
- HTTP: This type of connection does not attempt to perform any authentication via strongDM, so it has no additional fields required. Just make sure your URL is correct and go from there!
- HTTP Basic Auth: This option uses standard HTTP authentication (username/password). Choosing this option exposes two additional fields: Digest Auth User (username) and Digest Auth Password (password).
- HTTP Custom Auth: This option sends custom authentication data using the
Authenticationheader. Once selected the field Authorization Header is exposed.
Proxy Configuration
Once a user has access to a website, they also need to configure their local system proxy. Users can add the following PAC file to their system to accomplish this task: https://app.strongdm.com/proxy.pac.
The PAC file in the link above automatically configures your system to proxy traffic for your websites. For more detailed setup instructions, read Connecting to Websites.
If any errors occur, please copy them into an email and send them to support@strongdm.com.