Skip to main content

Allow Any Authenticated User


Use with caution: Allow Any Authenticated User allows all requests for any user or service account that authenticates against your identity provider.

For example, if you use a corporate GSuite account, an unrelated user with a Gmail account can access the upstream application.

Use of this setting means Pomerium will not enforce your centralized authorization policy for this route. The upstream is responsible for handling any authorization.

How to configure

YAML/JSON settingTypeDefaultUsage


allow_any_authenticated_user: 'true'