Forum Discussion
NimbostratusSAML - domain cookie ?
Hello
I have a question regarding saml. I am using F5 as SP and OKTA as IDP.
I have 2 apps in OKTA and 2 respective virtual servers on F5 for those apps . When I try to access first virtual server i.e saml1.xyz.com , it gives me OKTA page. After entering my credentials I get the app which is the expected behaviour . Now I want when a user opens another tab on same browser and access my second virtual server which is saml2.xyz.com , he should be able to login without entering the credentials again .
How can I achieve this
Any leads would be appreciated.
Mitz1915_365163I have set this Domain Cookie : xyz.com
After setting the cookie , while i am already logged in to samltest1.xyz.com , if i try logging in to samltest2.xyz.com , it throws error: your session is invalid . Please click here to open a new session. When I click there it takes me to my app without asking for credentials again
Questions
- What am I missing here ?
- Is this the correct approach setting domain cookie ?
- Do i need to bind same access profile to both SAML virtual servers ? Right now I have different access profiles
youssef1Cumulonimbus
Hello,
I don't know how you set your APM Policy but you have 2 alternatives.
--> first one:
you can create 2 distinct policy with 2 SP that will be attached to your OKTA IDP. your SP ID will be:
--> The second alternative, you can use multidomain SSO. And in this case you can use the same APM Policy (VPE).
Can you tell me wish on you choosed and I can help you to deploy IT. depending your problematic...
regards