Views:
If traffic bypasses authentication entirely, it likely one of these scenarios:
  • Trusted Lists: The URL is in the Global Trust List (built-in) or your custom Allow List.
  • HTTPS Inspection Exception: Domains in the HTTPS Inspection Exception list are excluded from authentication for all configured on-premises and cloud gateways, but excludes the default cloud gateway (working from home/public network).
  • Gateway Configuration:
    • IP Bypass: You have configured specific private IP address groups to bypass authentication in ZTSAInternet Access and AI Secure Access Configuration Cloud gateway or ZTSAInternet Access and AI Secure Access Configuration On-Premises gateway.
    • Bypass in endpoint without Secure Access Module: You have globally disabled authentication for agentless traffic on the On-Premises gateway.
  • Technical Limitations:
    • CORS Requests: Cross-Origin Resource Sharing requests cannot carry auth cookies or handle authentication redirects.
    • Non-browser Apps: Command-line tools or native apps often lack the engine to process authentication redirects.