Feature search
Which component would this feature affect?
Prowler API, Prowler UI
Related to specific cloud provider?
Not provider-specific
New feature motivation
Currently, configuring the correct ACS URL for SAML SSO in self-hosted deployments requires building a custom frontend container, as the value is hardcoded to http://prowler-api:8080/. This is impractical and introduces unnecessary complexity for users running Prowler behind a proxy or load balancer. See related discussion: #10498 and issue #9724.
Solution Proposed
Introduce a new environment variable (e.g. SAML_ACS_URL) that allows users to dynamically set the ACS URL at runtime via the .env file, without needing to rebuild or customize any container image.
Use case and benefits
This would benefit any team running a self-hosted Prowler deployment behind a reverse proxy or load balancer who needs to configure SAML SSO with an external URL. It removes the need to maintain a custom container build just to change a URL, significantly simplifying the deployment process.
Describe alternatives you've considered
Building a custom frontend container to override the hardcoded ACS URL, as described in the current documentation. This is not practical for some self-hosted users.
Additional context
Originally raised by the community in discussion #10498.
Feature search
Which component would this feature affect?
Prowler API, Prowler UI
Related to specific cloud provider?
Not provider-specific
New feature motivation
Currently, configuring the correct ACS URL for SAML SSO in self-hosted deployments requires building a custom frontend container, as the value is hardcoded to
http://prowler-api:8080/. This is impractical and introduces unnecessary complexity for users running Prowler behind a proxy or load balancer. See related discussion: #10498 and issue #9724.Solution Proposed
Introduce a new environment variable (e.g. SAML_ACS_URL) that allows users to dynamically set the ACS URL at runtime via the .env file, without needing to rebuild or customize any container image.
Use case and benefits
This would benefit any team running a self-hosted Prowler deployment behind a reverse proxy or load balancer who needs to configure SAML SSO with an external URL. It removes the need to maintain a custom container build just to change a URL, significantly simplifying the deployment process.
Describe alternatives you've considered
Building a custom frontend container to override the hardcoded ACS URL, as described in the current documentation. This is not practical for some self-hosted users.
Additional context
Originally raised by the community in discussion #10498.