Topic by Luis Melo
Content
Hi all,
We configured SSO for staff members to log into the dynamic agent desktop using an embedded page from an external identity provider (IdP) in the OSvC login window.
- Imported metadata provided by external IdP.
- Confirmed IdP configuration:
- SAML Token Parameters (including Service/Logout URL).
- Certificate(s).
- Signing Parameters.
- Created "SSO Test" Profile with SSO permission on the "Admin" tab.
- Updated "John Doe" Staff Account associating the "SSO Test" Profile.
Everything seemed to be working fine for John Doe. The external IdP embedded page was coming up on the OSvC login window when he opened the application.
But then we realised that the external IdP embedded page was also coming up on the OSvC login window for other Staff Accounts/Users that did not have the "SSO Test" Profile.
Furthermore, even after we changed John Doe's profile back to a Profile without SSO permission, the external IdP embedded page was still coming up on the OSvC login window, after he logged out and logged back in.
We tried the following with no success...
- Delete the interface folder, log back in to download the files again
- Uninstall and re-install application
... external IdP embedded page was still coming up on the OSvC login window.
We could only "fix" it after deactivating the IdP on the SSO configuration.
Can anyone advise if this is the standard or expected behaviour, or if there is actually something wrong, and the SSO should only come up for those users which have a profile with SSO setting?
Thanks in advance.