kj07208_118528
Oct 16, 2013Cirrus
SAML IdP - Can you have one APM support multiple SAML IdPs?
- We have setup one vip and one APM that we want to use for all SAAS logins.
- We are currently federating with about four saas cloud vendors (Salesforce, box, and others).
- I don't want to create multiple virtual servers or APMs but for the APM you can only pick one SSO configuration.
- Each SAML IdP services shows up as it's own SSO configuration. Will I need to do an iRule to switch between them?
- Also in the documentation it says that you can have multiple IdP for a virtual server. Current Setup
SAML IdP Connfiguration * IdP Services -> idp_salseforce (bound to sp connector) sp_connector_salesforce * IdP Services -> idp_box (bound to sp connector) sp_connector_box
VirtualServer_SSO_SAML -> APM_SSO_SAML -> SSO Configuration -> Only allowed to pick one idp services (this is the problem)
Yes, you can have multiple IdPs setup for one virtual server. We have 3 right now. In the access policy, after authentication, I have one webtop and the 3 SAML resources. Works just fine SP initiated.