Forum Discussion
Manel_Mendoza_1
Nov 18, 2015Nimbostratus
Hi Michael,
I will put an example.
App1: url: app1.provider.com ==> Very confidential APP. Need a SAML tiquet with atribute "security level = hight" App2: url: app2.provider.com ==> Very low confidencial APP. Need a SAML tiquet with atribute "security level = low" ...
Both need a saml tiquet, and both redirects to the same idp to obtain it, but on the policy of the F5 when the PrivederName= APP1 the policy would request 2 factor autentication . On the other hand, when the idp detects that the providename = APP2, only with username or password is enought.
This is the reason why we need to branch the policy on the idp based on SAML request PrivederName.