APM Cookbook: AutoLaunch SAML Resources
Introduction
After the SAML labs at Agility I got a lot of questions about how to automatically launch SAML resources and skip the webtop, and I promised I'd write it up for you. If you haven't be...
Published Aug 10, 2016
Version 1.0
Graham_Alderso1
Employee
EmployeeGraham_Alderso1Employee
Employee
Marvin
Cirrocumulus
CirrocumulusIf I understood correctly this SAML IDP initiated solution provides SSO access to all external SAML resources with only a Single Login on the F5 IDP (IDP initiated), without having to login and authenticate to each SP (and F5 IDP) separately?
Technically this use case scenario would only work with IDP initiated combined with SAML resources and not with SP initiated SAML (no webtop and no SAML resources)? Is it possible to automatically send SAML responses to all the Service Providers with a single SP initiated login as well? Something similar to the Single Log Out (SLO) but then logging in for SP initiated SAML requests is that feasible in your opinion?
But again my guts tell me that the only solution that would fit this use case is IDP initiated, correct?
ps: perhaps the oauth integration delivers more flexibility with oauth bearer but I will have to do some labs at Agility 2019 to practice on this ;-)