IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

Setting up a nested SSO flow

  • 1.  Setting up a nested SSO flow

    Posted Wed August 24, 2022 12:58 PM
    I have a use case where I have to connect multiple Idp's to multiple SAML based SP's with ISVA 10.0.x.
    I found the following information about nested SSO flow, which seems to be what I am looking for, but I don't exactly see how to make it work.

    So far I have a working idp on another appliance, and a working SP (a connection to a cloud based  instance), which both work fine individually.
    I have created the federations as described, and mapped them to a single reverse proxy as a point of contact server (using the web reverse proxy Federation interface in the GUI). I can now access my SP, but it triggers a local login through the standard authentication mechanism, whereas I would want to be directed to the idp on the other appliance, but I don't see which partners to configure where to achieve this.

    ------------------------------
    Gerwin Bastiaansen
    ------------------------------