How do you prevent attackers from connecting to a tunnel?

Every tunnel has a unique ID. An attacker would need to know this ID to make calls to the tunnel.

We also use the following security restrictions:

• The calls coming through the tunnel must be made from within Atlassian Cloud. Any other traffic isn’t accepted by a tunnel.

• The configured AuthN / AuthZ mechanism on the self-managed side