cancel
Showing results for 
Search instead for 
Did you mean: 

Login to Pulse One with an Identity Provider other than Pulse Secure

SOLVED
Highlighted
New Contributor

Login to Pulse One with an Identity Provider other than Pulse Secure

How do you add an external, non-Pulse Secure IdP?

We just installed a Pulse One applaince and would like to have administrators login using Enterprise SSO.  It seems the only Identity Provider is one of the Pulse Secure Connect appliances that Pulse One is managing.  We have a SAML Identity Provider capability hosted on F5 Authentication Policy Manager, and we would like to integrate Pulse One into our existing SSO SAML environment.  Is it possible to integrate Pules One SSO into an F5 APM SSO solution?

 

Harry

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Moderator

Re: Login to Pulse One with an Identity Provider other than Pulse Secure

@pilgrimhd Only PCS can act as IDP for Pulse One.

PCS Expert
Pulse Connect Secure Certified Expert

View solution in original post

3 REPLIES 3
Highlighted
Moderator

Re: Login to Pulse One with an Identity Provider other than Pulse Secure

@pilgrimhd Only PCS can act as IDP for Pulse One.

PCS Expert
Pulse Connect Secure Certified Expert

View solution in original post

Highlighted
New Contributor

Re: Login to Pulse One with an Identity Provider other than Pulse Secure

Thanks r@yElr3y.  Judging from the somewhat limited options in the admin console, I suspected that was the case.  It just seems odd that the Manager of appliances relies on a managed appliance for its own authentication.  And even worse, if you are logged in through the appliance to your network, and Pulse One then tries to authenticate you through the same appliance with the same SSO credentials, well, you see the problem.

 

Harry

Highlighted
Moderator

Re: Login to Pulse One with an Identity Provider other than Pulse Secure

@pilgrimhd If you can setup the PCS to act as SP for the third party IDP, then Pulse One SP would be using the registered PCS as IDP which will then become SP for the SAML IDP service and redirect the users to the third party SAML for auth (SAML chaining) and that should work, per the flow but still PCS should be in the picture to proxy/rewrite the SAML response Smiley Happy

 

 

PCS Expert
Pulse Connect Secure Certified Expert