Use Edge Session for authentication on SAML IdP Virtual Server

Question

I'm running APM for different use cases. One use case is connecting mobile devices with Edge Client. They authenticate with user based certificates. On the same box, I have another APM access profile running that does SAML authentication and provides an IDP service. I now want that Edge Client connected users don't need to authenticate a second time, meaning that the SAML IDP access profile leverages the authentication information we already received when authenticating the user with Edge Client.&nbsp;
Has anybody implemented a good approach for that?&nbsp;
Thanks in advance for your support.&nbsp;

daniel_w_ · Answer

I just found out that the SSO works, when Edge Client users and SAML IdP VS are in the same route domain. In my setup, the edge client users are directed to a customers route domain, the SAML IdP resides on another route domain for shared services.&nbsp;
Any ideas how to solve that without changing my route domain concept?&nbsp;

kunjan · Answer

Might be possible to create a layered VS on customer RD with pool member pointing to SAML IdP on it's RD, with strict isolation disabled.&nbsp;

Forum Discussion

Use Edge Session for authentication on SAML IdP Virtual Server

2 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire

Distributed caching of authentication requests with NGINX Ingress Controller

Application Programming Interface (API) Authentication types simplified

AD Authentication and Local DB Authentication in APM

Duo Authentication Proxies