Skip to main content
Skyhigh Security

About Clientless Access

Skyhigh Private Access secures access from unmanaged devices through clientless, browser-based deployment. In this approach, you need not install Client Proxy software on the end user devices. Skyhigh Private Access leverages reverse proxy SAML configuration that is integrated with an identity provider to establish secure connection with the unmanaged devices. 

When users tries to access a private application, the request is sent to the tenant's public DNS server. The DNS server resolves the private application's name based on the mapped CNAME record and prompts the user to provide email address on the SSE page. Based on the email address, the traffic is directed for user authentication through SAML. The user can access the private application upon successful authentication. For information about enabling browser access, see Enable Browser Access for Private Applications.

  • Was this article helpful?