SV2022
Feb 10, 2024Cirrus
Difference between SSO under access policy and SSO in VPE
Is that mandatory to have SSO credential mapping via VPE whenever we have SSO created under access policy. i need to understand the relation between these 2 sso configurations
- Feb 12, 2024
The SSO profile attached to a access policy has 2 or 3 variables, session.sso.token.last.username and session.sso.token.last.password (and others, depending on the SSO profile).
These are not created by default in the VPE. The SSO credential mapping agent maps a username variable (most of the times session.logon.last.username, depending on what you select in the agent) into session.sso.token.last.username.
You could do the same in a variable assign agent, F5 has created the SSO credential mapping to help engineers and to show in the VPE your mapping SSO credentials.
So it is not mandatory.
I hope I makes it a bit more clear.
Cheers,
Kees