Application Onboard for Dev App Profile
Overview
App Onboard enables organizations to securely define, publish, and manage applications within the COSGrid environment. It provides a centralized way to control how users access internal, external, and SaaS applications while enforcing security and policy-based access.
This feature ensures:
Secure application exposure
Granular access control
Seamless integration with connectors and user groups
Navigation :Organization → Configuration → App Onboard
Supported Application Types
App Onboard supports onboarding of the following application categories:
Internal Web Applications
Applications hosted within the private network.External Web Applications
Public-facing applications hosted outside the organization.SaaS Applications
Cloud-based services accessed over the internet.Internal Non-Web Applications
Internal services using non-HTTP protocols (e.g., SSH, RDP).External Non-Web Applications
External services using non-web protocols.
Components of Application Onboarding
1. App Information
Name
Unique name for the application.Description
Optional but recommended for better identification and management.
2. Application Details
Type
Select the application category:Internal Web App
External Web App
SaaS Application
Internal Non-Web App
External Non-Web App
Connector
Select a registered connector responsible for routing traffic.
(Refer: App Connector Installation Guide)Group Membership
Assign user/device groups allowed to access the application.
(Refer: Group Membership Guide)
3. Services
Define how the application is accessed:
FQDN / IP Address
Fully Qualified Domain Name (e.g., app.company.com) or IP address.Service
Select predefined services (auto-fills protocol and ports) or define custom.Protocol
Communication protocol:HTTP
HTTPS
TCP
UDP
Port(s)
Specify:Single port (e.g., 443)
Port range
Any
Add (+)
Add multiple services if required.
Key Features
Search: Quickly locate onboarded applications.
Download: Export application configurations for:
Backup
Audit
Compliance
Column Customization: Customize table view for better visibility.
Edit: Modify existing application configurations.
Delete: Remove applications from the environment.
Creating and Configuring an Application
Step 1: Initiate
Click Add to open the application onboarding form.
Step 2: App Information
Enter Application Name
Enter Description
Step 3: Application Details
Select Application Type
Choose Connector
Assign Group Membership(s)
Step 4: Configure Services
Enter FQDN or IP Address
Select Service / Protocol / Port
Click ( + ) to add additional services if required
Step 5: Finalize
Click Add to onboard the application successfully.
Example Configuration
Objective
Create an Internal Web Application accessible via TCP.
Configuration
Parameter | Value |
Type | Internal Web App |
Connector | test_connect |
Group Membership | test_grp |
FQDN | |
Service | All TCP |
Protocol | TCP |
Port | Any |
Steps
Click Add
Under App Information:
Name: Cosgrid_Internal_App
Description: Internal application access
Under Application Details:
Type: Internal Web App
Connector: test_connect
Group Membership: test_grp
Under Services:
FQDN: cosgrid.com
Service: All TCP
Protocol: TCP
Port: Any
Click Add
Result
The application is successfully onboarded with:
Secure access via the selected connector
Access restricted to the assigned group
Traffic allowed over TCP across all ports
Best Practices
Use FQDN instead of IP wherever possible for flexibility
Apply least-privilege access via group membership
Restrict ports and protocols to only what is required
Use descriptive naming conventions
Regularly audit and export configurations
Avoid using “Any” ports/protocols in production unless necessary