Alternative Application Addresses
The alternative application address is used to isolate a specific application from the broader Portal. It allows any WEBCON BPS application to be made available under an independent URL, which is a subdomain of the main Portal. This gives you full control over what end users see and how they log in, while maintaining the benefits of centralized platform administration – the application is still available through Portal and everything else is configured in exactly the same way.
Configuration in Designer studio
The configuration in Designer Studio is relatively trivial and is done entirely through the Alternative Application Addresses node in the System settings Global parameters – an address for each application is added and edited through the buttons on the right (1). The "+" and "-" buttons add and remove an address respectively, while the "…" button can be used to edit an existing address. Each application can have one alternative address and the addresses must be unique.
In the editor window (2), select the application and enter its address in the form of a subdomain, e.g., https://support.mycompany.com
Next, choose the Authentication providers that users will use to log in. You can select from the list of providers already used for authentication in the Portal.
For providers such as OpenID Connect or Microsoft Entra ID, which require a Return URL, you must include both the main Portal address and the newly created subdomain in their configuration. For ADFS, a similar setup is needed – the ADFS configuration must include a Relying Party Trust Identifier for the new subdomain.
It's also important to note that if the environment was installed with a virtual directory for the Portal (RunningAddress), the alternative application addressing feature will not be available.
Configuration outside of Designer Studio
Two additional pieces of configuration are needed to make the alternative address work.
SSL/TLS Certificate
Once the alternative address settings are complete, make sure the appropriate SSL/TLS certificate is installed in IIS. The most convenient solution is to use a Wildcard certificate that covers both the main domain and all its subdomains, e.g., *.mydomain.com. After installing this certificate on the IIS server, both Portal and all configured subdomains will be secured automatically, without the need to issue additional certificates. Custom addresses will require additional certificates.
DNS Alias
The final step is to ensure that network traffic directed to the new address reaches the WEBCON BPS server. To do this, configure the DNS entries for the published domain correctly. After DNS propagation (once entries are globally recognized), the application should be available under the dedicated address.
Use cases
The main purpose of the alternative address is to isolate a specific application from the main Portal structure and make it available in the public internet to a selected group of users (especially external users), who should only have access to the shared application without realizing that it operates within the broader context of Portal. This gives the appearance of the application being a standalone solution, intended for one specific purpose, without the clutter of other applications.
External
The company uses an intranet containing many applications, it has external contractors who have WEBCON BPS accounts and access to two specific applications: B2B and Complaints. To make it easier for external clients to use these applications, they are both isolated under alternative addresses with “partner” and “support” prefixes respectively.
This gives them each an appearance of being a standalone website with its own intended purpose. The clients can use features, such as search, reports, and dashboards that will only display results relevant to the one application.
Internal
The HR department of a company is implementing WEBCON BPS applications as a pilot for broader implementation in the whole company. The HR department has built a number of applications and would like to make some of them available to other people in the company. The first targets are the Absences and Home office applications.
All members of the company are granted privileges in these two applications, and to make using them clearer – they are each hosted under their own alternative address. Employees may still use the HR Portal where they will see these two applications, or they may use the dedicated addresses if they find it easier and more transparent.
What is available?
The application and all its relevant components should work seamlessly when exposed under an alternative address, links generated from the alternative address should work correctly and redirect to the address.
Directly accessing the alternative address leads to an “isolated view” of the application – it looks identical to the regular application in Portal, but instance data is limited to the processes native to the application and linked processes.
- You cannot navigate to other applications or the Portal homepage;
- Search and navigation are restricted to within the isolated application only;
- Access to elements of the application is controlled through the application and process privileges as in the regular Portal.
Linked processes
If the isolated application uses linked processes, their elements will also be viewed through the lens of the isolated application. However, links in e-mails, MailApproval, and Mass notifications that redirect to a linked process will be shown in the native application.
Public link
Instances shared through the Public link mechanism will always redirect to the alternative address.
Export Import restriction
The configuration of alternative application addresses is not transferred during import/export.
To learn more about configuring default values, read the Application hub article and the Application hub Quick-Tips video.