Any recommendations/validation of a scheme to select a SAML Proxy or Password/MFA authentication flow based on relying party / SP entityID?
cantor.2 at osu.edu
Thu Jan 27 23:50:23 UTC 2022
On 1/27/22, 2:09 PM, "users on behalf of Mak, David" <users-bounces at shibboleth.net on behalf of d.mak at northeastern.edu> wrote:
> Really appreciate the great advice on this! Of course, Scott pointing out the most straightforward solution
> meant I had to swallow my embarrassing attempt to overcomplicate things.
The whole supportedPrincipals matching is completely non-obvious and very hard to document or explain, it's just very obvious once you understand it that it automates most of the matching people try to write code to handle.
More information about the users