We currently use oAuth for authentication in Eramba, and we’ve noticed an opportunity to streamline access to the Policy Portal. Right now, when users need to access the Policy Portal, we have to create accounts for them in Eramba and manually add them to a group with Policy Portal access permissions.
We’d like to propose a feature that would allow domain-based access control for the Policy Portal, specifically for policies marked as ‘internal’. This would enable any authenticated user from our organization’s domain (e.g., @ourcompany.com) to automatically access the Policy Portal without needing a manually created account or group membership.
This change would significantly reduce administrative overhead while maintaining security through domain verification. It would improve the user experience for employees needing to access policies and align with zero-trust security principles where authentication is based on identity rather than network location.
I noticed a similar feature request regarding SAML integration for the Policy Portal (Feature - Policy Portal using SAML). While that discussion focused on SAML specifically, I believe this domain-based access control feature would be particularly valuable for the SaaS version of Eramba, as many organizations are moving towards more streamlined access management.
Could this feature be considered for implementation, particularly in the SaaS version? Are there any technical limitations or security concerns that would need to be addressed?