SP Initiated SAML Authentication stops at Webtop page

Hi Youssef,

Thanks for the quick reply.

I can confirm that under Access -> Federation -> SAML Resources, there is a resource configured for both the existing and the new connection I'm trying to set up.

Under Access -> Federation -> SAML Identity Provider -> Local IdP Services, there is an entry for the new site, which is bound to the SP connector that was created by importing metadata from the 3rd Party

I'm not sure I follow your last point, there is a 1:1 relationship between Local IdPs (under Access -> Federation -> SAML Identity Provider -> Local IdP Services) and External SPs (under Access -> Federation -> SAML Identity Provider -> External SP Connectors)

Both SAML connections are using the same Access Profile (under Access -> Profiles / Policies -> Access Profiles) On the SSO/Auth Domain tab for that policy the "SSO Configuration" dropdown is set to "None". On the Access Policy tab for that profile, there is one Webtop listed (we only have one setup). Each of the new connections has their own Webtop Section associated with this policy, each section has the SAML Resource listed against it.

I should have said in the original post, I can see the entry for the new site on the Webtop page when the browser stops there, it's just that I'd expect it to slently conduct the SAML authentication and redirect the browser back to the originating website.