Bomgar/BeyondTrust relying party?

IAM David Bantz dabantz at
Thu Oct 13 19:39:40 UTC 2022

Have you successfully configured Bomgar (BeyondTrust) for SSO via your
Shibb IdP ?

Bomgar (BeyondTrust)  has a GUI for SAML SSO integration that is mostly
clear and straightforward,
but seemingly appropriate SAML assertions trigger “Authentication Failed”
message at the service
(with no further details).

Incoming SAML request specifies a nameid-format:persistent (not mentioned
in the GUI) so
I configured release of nameID based on uid (unscoped username) and ePPN
(same username,
with the requested format. Neither alternative produced anything further
than “Authentication Failed” at the service.
Support has so far been less than useless. Perhaps you know an additional
unmentioned requirement or trick?

David St Pierre Bantz
U Alaska IAM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list