Forum Discussion
Kevin_Stewart
Aug 03, 2014Employee
The absolute simplest SAML SP configuration is simply this:
start -> SAML Auth -> Allow (or Deny)
Assuming you've properly configured the SP profile, imported the IdP's metadata as an External IdP Connecter, and then bound the External IdP Connector to the SP, there's not too much more too it. The client will contact the APM VIP, and the SAML Auth agent will redirect the client to the URL configured in the External IdP Connector. The client naturally needs to be able to resolve this URL. The very first thing I'd do is probably install the SAMLTracer agent in FireFox and test again. This plugin will show you exactly what the SAML traffic looks like (and potentially where it's failing).