Solved

SAML Configuration working top to bottom

Forum|Forum|1 year ago
August 9, 2024
2 replies
102 views

+5

Jais100rbh
Netskope Partner

HEllo,

I need help understanding the SAML configuration. Does it work with a top-to-bottom approach? I've set up a forward proxy SAML for two IDP domains (for example, abc.com and xyz.com) for Netskope client enrollment. However, when I try to enroll the Netskope client with the xyz domain, the authentication page redirects to abc.com. Upon checking bypass settings, I found that it's a global setting for all SAML configurations. I need a quick response to achieve and segregate authentication for both domains.

Best answer by sshiflett

Hello @Jais100rbh,

Yes SAML forward proxy is a top down, first match configuration. You can specify an authentication domain per IDP under the Options tab:

Your users will be prompted for their email/username and this will be used to determine which IDP to use for authentication.

This topic has been closed for replies.

S

+16

sshiflett
Netskope Employee
Answer
Forum|Forum|1 year ago
August 12, 2024

Hello @Jais100rbh,

Yes SAML forward proxy is a top down, first match configuration. You can specify an authentication domain per IDP under the Options tab: