This feature is in technical preview, so please report any Bugs you run into on GitHub
This provider requires the deployment of the RAC Outpost
Unlike other providers, where one provider-application pair must be created for each resource you wish to access, the RAC provider handles this slightly differently. For each machine (computer/server) that should be accessible, an Endpoint object must be created within an RAC provider.
The Endpoint object specifies the hostname/IP of the machine to connect to, as well as the protocol to use. Additionally it is possible to bind policies to endpoint objects to restrict access. Users must have access to both the application the RAC Provider is using as well as the individual endpoint.
Configuration like credentials can be specified through settings, which can be specified on different levels and are all merged together when connecting:
- Provider settings
- Endpoint settings
- Connection settings (see Connections)
- Provider property mapping settings
- Endpoint property mapping settings
Each connection is authorized through the policies bound to the application and the endpoint, and additional verification can be done with the authorization flow.
Additionally it is possible to modify the connection settings through the authorization flow. Configuration set in
connection_settings in the flow plan context will be merged with other settings as shown above.
A new connection is created every time an endpoint is selected in the User Interface. Once the user's authentik session expires, the connection is terminated. Additionally, the connection timeout can be specified in the provider, which applies even if the user is still authenticated. The connection can also be terminated manually.
The following features are currently supported:
- Bi-directional clipboard
- Audio redirection (from remote machine to browser)