Solution3 Policy
Policy Walk-Through
When a user accesses a VIP protected by this policy, they are redirected to the IDP selected by the SP Service.
Upon successful authentication at the IDP, the user is redirected back to the SP. The SP service consumes the Assertion, and the user is granted access via the Allow Terminal.
Upon unsuccessful authentication, the user proceeds down the fallback branch and is denied access via the Deny Terminal.
Policy Agent Configuration
The SAML Auth Policy Item contains the following settings
Profile Settings
All profile settings are left at their defaults.
Supporting APM Objects
IDP Connector
Sections not specified contain default values.
General Settings
Single Sign On Service
Security Settings
The Policy from a user’s perspective
If a user attempts to access https://sp.acme.com, they are redirected to its IDP (Okta) for authentication.
Username: coyote@acme.com
Password: user1
Once authenticated, the user is redirected back to the application and granted access.