Forum Discussion
CirrusSSO login for APM Profiles
NacreousEach Policy/Profile has its own session cookie
So how are you sharing SAML sessions now?
Do you have a main policy acting as SAML IDP and others as SP?
If you do, you only need to federated your oauth policy with this main policy too.
If not you have to create one main policy and federate all the rest
BGill__CISSP__CThanks for the response. SAML is only 1 Policy/Profile with multiple IdP/SP Partnerships associated.
We only act as an IdP
I am not clear on how we would Federate our OAuth AS with our SAML Policy. Are you saying to Authenticate into OAuth using SAML?
- Injeyan_Kostas
Ok, so you have one Saml Policy and one OAuth policy right?
One option is indeed to federate this Oauth Policy with the Saml one using Saml again. So Saml policy will actually be you main policy.
Another one might be set Scope to Global in Both policies. Did you tried that?
For this to work I guess, i have not tried this, you have to setup also domain cookie and of course serve both policies under the same domain- BGill__CISSP__C
Correct, 1 of each Profile/Policy
I did attempt to set Scope to Global and it didn't have any effect. It would still be a big improvement if we could get OAuth to work the way SAML is. Once authenticated into the SAML Profile, I can go directly through to any of our other partnerships without form authentication again. With OAuth, I have to form authenticate into each client.
