Question about multiple idps

Peter Schober peter.schober at
Mon Jul 9 12:24:02 EDT 2018

* Shawn Biesan <2perdo at> [2018-07-09 18:05]:
> So currently we have a shibboleth IDP that works. We have 3-5 Service
> Providers that hit our shibboleth IDP.
> Sometime in the future there will be an outside group with their own IDP
> that we want to auth into our existing infrastructure.
> I'd really like for the users of the external system to be able to SSO into
> our system from theirs. Ignoring the problem of syncing users between the
> two IDPs how can I structure this all? From this perspective is there a way
> I can treat our IDP as a Service Provider from the external client's
> perspective so all the existing SPs just work? Should the 3-5 existing SPs
> just trust both IDPs?

Does this help? (An answer I sent to another list recently)!topic/simplesamlphp/Pnvahm51EdE


More information about the users mailing list