Hello,

I need help understanding the SAML configuration. Does it work with a top-to-bottom approach? I've set up a forward proxy SAML for two IDP domains (for example, abc.com and xyz.com) for Netskope client enrollment. However, when I try to enroll the Netskope client with the xyz domain, the authentication page redirects to abc.com. Upon checking bypass settings, I found that it's a global setting for all SAML configurations. I need a quick response to achieve and segregate authentication for both domains.

Hello @Jais100rbh

Yes, SAML forward proxy is a top-down, first-match configuration. You can specify an authentication domain per IDP under the Options tab:

Your users will be prompted for their email/username and this will be used to determine which IDP to use for authentication.

Hello @sshiflett,

With your expertise and suggestions, I am able to segregate both domains. 

Thanks for your prompt response :)