I've set up the 1Pass SCIM Bridge in AWS using ECS/Fargate. We use Okta for an IDP FTR. Right now inbound is wide open to all traffic on all ports. I'm hoping to trim this down to only Okta's IPs and the ports that are strictly needed. I tried to set it to only allow traffic on 80 and 443 to start, but when I logged into the bridge again to do a health check I started to get an incorrect bearer token error. Are there other ports this needs inbound traffic to, or should it just work on 80 and 443? Or is that unrelated to the incorrect bearer token stuff?
Would it be a better approach to instead limit it to only inbound traffic from Okta's IPs?