Managing Multiple Domains In Foxpass
Foxpass, by default, allows any user in your organization to sign in via Google or Office 365 to create an account and get access to any systems you've integrated with Foxpass. Foxpass administrators can also add users via the management console.
If a user's email ends in a different domain than your Foxpass account's, that user is considered a "non-domain" user. For example, if your Foxpass account is for "abc.com" and you add a user with the email "[email protected]," that user would be considered a non-domain user.
Non-domain users should always use an email/password combination to log into the Foxpass console (instead of signing in via Google or Office 365 credentials). You may also want to exempt non-domain users from your Delegated Authentication integration if they are not a member of your root directory.
Using Multiple Domains
Some organizations may use multiple domains to manage their directory. If you have multiple domains, you can register your subdomains with Foxpass by going to the Configuration page and navigating to the "Include Subdomains" panel.
Allowing Wildcard Subdomains
If your organization has users with multiple subdomains, you can include all subdomains by default. For example, if your organization is @example.com, any user with an email @.example.com would be considered a part of your organization, where can be anything. This would mean that [email protected] and [email protected] would both be considered in your organization.
To enable wildcard subdomain matching, change the Include all subdomains setting on the Configuration page.
Allowing Authorized Subdomains
Setting up subdomain sync
Subdomains must be in the same Google Workspace or Office 365 account you used to set up Foxpass. Be sure that the Google Workspace or Office 365 account you use to sync subdomains with has the appropriate administrator permissions.
Once a domain is registered in Foxpass, any user with an email in that domain is considered a regular user in that account. For instance, if your Foxpass account is for "abc.com" and you register "xyz.com" as a subdomain, both "[email protected]" and "[email protected]" would be considered regular users.
If you add or remove a subdomain in Google Workspace or Office 365, you must manually refresh the subdomains in Foxpass in order to sync the changes. Disabling a subdomain in Foxpass means that it will be skipped during any user or group sync processes.
If your company changes domains, you have a few options. If the new domain is under the same Google Workspace or Office 365 account, you can register the new domain as a subdomain and keep all your same settings. Then, you can simply sync in the new domain and we'll treat it as a part of your account.
If you would like to make the new domain your main account domain, contact us and we can help you change it. However, this will change all your base LDAP DNs, so any LDAP or server integrations you have with Foxpass will have to be reconfigured. This will also automatically change any email domains from the old domain to the new one.
Updated over 2 years ago