F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

igorzhuk's avatar
igorzhuk
Icon for Altostratus rankAltostratus
Jun 10, 2018

Saml SSO 4 SP with same IDP

My Big IP As SP I have 4 VS configured with APM saml SSO Every VS configured with Saml SP Services all the SP services bind to same IDP connector when USER accept in APM they can move to another ...
application delivery
BIG-IP Access Policy Manager (APM)
youssef1's avatar
youssef1
Icon for Cumulonimbus rankCumulonimbus
Jun 10, 2018

Hi Igor.

 

In fact it's a normal behaviour. You have 4 Service provider bind to the same IDP (authentication federation).

 

According to the timeout that you set on your IDP, all SP don't need authentication while IDP session is still alive.

 

So the behaviour that you indicate is normal and wanted in this kind of architecture.

 

But If I understand, you want that user have to re-authenticate for each application? In this case why thou federated authentication?

 

Regards