We have deployed a vCenter 6.5 appliance instance with SSO and an IdP (Identity Provider) configured. All users in our organisation (Org-A) could log in using our configured domain (DomainA), ensuring two-factor authentication works fine.
Now, further to requirements, we need to add an additional domain (DomainB) with a different set of users/groups from another organisation who need access to the same vCenter environment. However, they want to use a different SAML Service Provider and IdP, used for their in-house applications. Could I make this all work together? What approach should I be looking at here? Any suggestions?
After discussing this with some techs, there can be only one SAML provider and IdP attached to the SSO. Are the two domains completely independent?
I am trying to integrate my vCenter with at least one SAML IdP. The method followed was as simple as extracting the metadata file (which is offered in the SAML tab of vCenter) and using it in my SAML-based IdP (Workspace ONE in this case), then using the metadata file from Workspace ONE for importing. Strangely, the import status isn't shown. Assuming the import completed successfully, neither the IdP-initiated nor the SP-initiated way of invocation is working.
May I know how you were able to make the access work via a SAML IdP? What was the SAML IdP that you were trying against?