SSO integration with existing website (Forms Authentication)
We are trying to integrate our vendor site into our existing website using SAML 2.0 (SSO). We do not have SSO configured for our existing website.
In our scenario, we have an existing website, https://Mycompany.com. It has its own database authentication system (not AD). Once a user is authenticated, they would be presented with links to our vendor sites, e.g. "Vendor1.com", "Vendor2.com".
On clicking any of the links, we need to generate SAML 2.0 with some custom attributes before we redirect them to the vendor sites.
How would we integrate SSO into this existing site so that when a vendor link is clicked, it passes a SAML assertion along with it?
Here are my basic questions on the architecture.
1) I would redirect the vendor link first to the IDP, but I am not sure how the IDP would figure out if this is a valid user. Since the user is already authenticated through our existing website, which is not going through APM, I will not have a password to post to the IDP.
2) Do we need to move the existing website authentication to APM to get the SAML while logging into the site itself?
I would appreciate it if someone could give me some direction to start.