WARP Client as an identity source for Access Policies

Is it possible to use WARP Client as an identity source for Access Policies?
Lets say user connects to WARP using his team account and “real” identity provider confirms his email at this step. I want to allow access (through WARP) for this user to App Launch page and apps protected by Access Policies based on user email without requiring additional authentication in browser. Any clues? Does this feature exists?

Apparently it exists, or was coming very soon in November last year, I think it’s only on the higher plans though that give you the rule ‘Require Teams Warp’

I’ve spent few hours googling with no luck :frowning:

This rule type is used to enable device posture and make use of WARP client required, but it doesn’t solve my problem (getting identity from WARP session). Users will still need to authenticate 2nd time in browser to get through email-based Access Policy.

1 Like

Hmm, I don’t think this is possible as for now. Maybe @SamRhea can give some comments.

Does it not pass along a user JWT token as a header? Seems a lot of Connect + Gateway story is still half baked…

I had the same request. Apparently it’s not yet available: Allow Gateway as Access rule - #3 by cscharff

1 Like

Would also be interested in this. It’s a very easy way to ensure applications can only be opened from assigned devices. Currently anyone can install warp and access the application (if they also have the login method). For us something as simple as adding the WARP’s “team name” as a required parameter is already secure enough.

I hope this is coming quite fast… If I’m not mistaken, it’s already present in the WARP clients? Or is this about something else?

* Added new support for service token-based authentication for managed (MDM) devices.