Hi,

One of our users is currently evaluating a new architecture to provide external users access to DataMiner dashboards.
At the moment, dashboard access is exposed using a SAML-based configuration with an internal identity provider (IdP). However, this component is planned to be decommissioned by the end of 2027, so alternative approaches are being explored.
One option under consideration is to avoid SAML entirely and instead rely on a reverse proxy-based setup. Specifically, the idea is to:

• Place reverse proxies in front of the DataMiner front-end environments
• Inject authentication and user context via HTTP headers
• Allow dashboards to be accessed based on this upstream-authenticated context

The key questions are:

1. Is this type of configuration (authentication via HTTP headers from reverse proxies) supported in DataMiner?
2. If so, which HTTP headers and user attributes should be provided to ensure correct authentication and authorization?
3. Are there any best practices or known limitations when implementing this setup?

The goal is to validate this approach in a pre-production environment before making architectural decisions.
Any insights or experiences with similar setups would be highly appreciated.

Thanks in advance,