Applications

an application links together policies with a provider, allowing you to control access it also holds information like ui name, icon and more authorization to configure access to applications, you can use policy bindings you can access this feature by selecting an application from the applications list and clicking on the policy/group/user bindings tab if no users, groups, or policies are bound, then everyone has access to the application by binding users, groups, or policies, you can grant specific access to selected individuals or dynamically grant access through policies when multiple policies/groups/users are attached, the policy engine mode can be configured in order to require users to pass all bindings/be member of all groups (all), or require users to pass either binding/be member of either group (any) appearance kubeark alloes for customizable parameters the following aspects can be configured name the name of the application displayed on the application card launch url the url that the user is directed to when clicking on the application card, which can be left empty or filled with placeholders for dynamic construction of the url based on logged in user icon (url) an optional icon url for the application that can be entered as an absolute url if no volume is mounted under /media, or uploaded if a mount exists under /media publisher the text shown below the application card indicating the publisher of the application description subtext displayed on the application card under the publisher information, providing additional details about the application applications are displayed in the following scenarios the user has access defined via policies (or the application has no policies bound) a valid launch url is configured/could be guessed this consists of urls starting with http // and https // to hide applications without modifying policy settings and without removing it, you can simply set the launch url to blank //blank , which will hide the application from users keep in mind, the users still have access, so they can still authorize access when the login process is started from the application to give users direct links to applications, you can use urls such as https //kubeark company/application/launch/\<slug>/ this will redirect the user directly if they're already logged in, and otherwise authenticate the user, and then forward them