I have some of our my users that are coming via zscalers proxies. For some of them the BIC is triggering for some not.
Is there a way to understand and have more details on why the BIC is triggering.
Is the issue on the client side, or a zscaler issue or a site issue …
(Of course, I can bypass the cloudflare firewall based on the AS but this is just putting the problem under the rug. )
The Browser Integrity check looks at the User-Agent of the request and based on the a predefined list that we maintain of User-Agents that we consider malicious we block the requests. We are limited on what we can share, because that information can be used to avoid the feature - however if you have example User-Agents that are being blocked - we can review and see it if is something we can consider improving.
thanks for the feedback.
I tracked down my issue to a REST kind of API behind one of the paths of the applications concerned. Digging into this case I found a couple of other BIC related blocking associated to API calls.
Hence does it imply that I wound need to identify “all” REST API endpoints and whitelist them in some way ?
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.