VMware Cloud Community
vTrack
Contributor
Contributor
‎10-11-2017 09:54 PM

Using different SAML provider and iDP for vCenter access

We have deployed a vCenter 6.5 appliance instance with SSO and IDP (Identity Provider) configured. All users in our organisation (Org-A) could login use our domain (DomainA) configured ensuring two factor authentication works fine.

Now further to requirements, need to add an additional domain (DomainB) with a different set of users/groups from another organisation who need access to same vCenter environment. However, they want to use a different SAML Service Provider and iDP used for their in-house applications. Could I make this all work together? What approach should I be looking here? Any suggestions?

0 Kudos
2 Replies
mhampto
VMware Employee
VMware Employee
‎10-17-2017 12:33 PM

After discussing this with some tech's there can be only one SAML provider and iDP attached to the SSO. Are the two domains completely independent?

0 Kudos
hegdec
VMware Employee
VMware Employee
‎11-14-2019 06:35 AM

I am trying to integrate my vCenter with at least one SAML iDP. The method followed was as simple as extracting the metadata file ( which is offered in the SAML tab of vCenter ) & using it in my SAML based iDP ( workspace one ) in this case & using the metadata file from the workspace one for importing. Strangely, the importing status isn't shown. Assuming import is completed successfully, both the iDP initiated & SP initiated way of invocation isn't working.

May I know, how you were able to make the access work via SAML iDP? What was the SAMP iDP that you were trying against?

0 Kudos