List of endpoints accessed by DVLS

Published 10 months ago

Hello.

In my view, your page is incomplete in relation to Entra ID authentication.
I'm not quite sure yet, but there is more than just graph.microsoft.com that is accessed by the server.
Whitelisting graph.microsoft.com is not sufficient.

An answer to this forum topic points out a few other URL's.
Whitelisted URL to enable user sign-in to Windows using Azure AD account? - Microsoft Q&A

Best regards.
Marcel

677c53b1-20f9-47e7-9bdd-d49021d95b82.png

List of Internet endpoints accessed by Devolutions Server - Devolutions Documentation

All Comments (4)

Samuel Dery

Published 10 months ago

Hello,

Thank you for reaching out to us regarding this,

For Azure Authentication, we have both https://graph.microsoft.com and https://login.microsoftonline.com listed in our documentation here:
https://docs.devolutions.net/server/kb/knowledge-base/internet-endpoints-server/

Let me know if this helps.

Best regards,

Samuel Dery

marcelgerber

Published 10 months ago

Hello.

In the end, I use a dynamic list, but I managed to find out about the following URL's that are also useful.
Dynamic list by Palo Alto: https://saasedl.paloaltonetworks.com/feeds/azure/public/azuread/ipv4
Other firewall suppliers do the same.

aadcdn.msauth.net/
aadcdn.msftauth.net/
aadcdn.msftauthimages.net/

Cheers.
Marcel

Émile Simard

Published 9 months ago

Hello Marcel,

We have added a list of the URLs used by Entra ID in our documentation. Hope this helps!

Kind regards,

Émile Simard
Technical writer

marcelgerber

Published 9 months ago

Thank you.