We expose PRTG for remote access through an Azure Application Proxy. For the purposes of the discussion, assume the following:
Basically, Azure App Proxy receives a request from a client on https://prtg-company.msappproxy.net, then requests the page internally through an agent on https://prtg.company.com, and delivers it to the client.
Once I've configured everything, when I open the PRTG login page I get this error:
The URL you are using to connect to PRTG is not enabled for single sign-on. Please contact your PRTG administrator.
It makes sense to show this error, since I've requested the page using https://prtg-company.msappproxy.net, but the agent has requested it from the server using https://prtg.company.com. Changing the DNS name to https://prtg-company.msappproxy.net also doesn't work, since now the agent's request doesn't match what is configured in SSO.
Can this test be removed, or at least allow the specification of a number of "valid" URLs for which the SSO is configured?