cancel
Showing results for 
Search instead for 
Did you mean: 

Redirecting sign-in URL for SAML MFA

New Contributor

Redirecting sign-in URL for SAML MFA

I saw various posts about redirecting sign-in URLs via a default page or using a trafficscript.  I'm not sure what the preferred method is to redirect sign-in for a specific URL to another.  In addition, if SAML MFA is supported in this configuration.

 

Scenario:

Current default URL https://signon.pulseapp.local/ uses the default authentication realm.  I am trying to enable another authentication realm with a different sign-in URL https://signon.pulseapp.local/realm2.  Because we're using SAML MFA; which is bound to the sign-in URL that it is configured for.

 

Has anyone else come across this scenario?  If so, what did you do?

3 REPLIES 3
Moderator
Moderator

Re: Redirecting sign-in URL for SAML MFA

So you would like the users to be redirected to Identity provider page when accessing */realm2 sign-in URL of the VPN??
New Contributor

Re: Redirecting sign-in URL for SAML MFA

My users are currently using the URL in a browser https://signon.pulseapp.local/ and their Pulse secure client is configured with https://signon.pulseapp.local/.

 

Because I have a new authentication realm; I wanted to see if there was a way to redirect the client connections automatically to https://signon.pulseapp.loca/realm2.

This is meant to be a stop gap until I can reconfigured all the client end-points to use https://signon.pulseapp.loca/realm2.

 

Hopefully this makes more sense.

Moderator
Moderator

Re: Redirecting sign-in URL for SAML MFA

Thank you for the clarification. I don't think there is any configuration on the server side which can be tweaked to send 302 redirect to the new URL when accessing the old URL, @zanyterp: any suggestions?

Can't we simply change the newly authentication realm to be used by the old URL under the signing policies on the VPN server and configure the SAML IDP to post the SAML response to the / relay-state instead of /realm2?