Configuring third party IdP to authenticate users via SAML on WS1
We need to roll-out a BYOD strategy for users who will have access to a limited number of apps and who want their privacy respected (No AW Agent). In order to achieve this, we would like to use WS1. However, we do not want to use passwords, instead we would like to use our IdP which is configured for SAML SSO.
We have added our 3rd party IdP in ViDM under Identity & Access Management/Identity Providers and correctly filled out the necessary fields, metadata etc. We also ensured that WS1 has been listed in the policy set as being able to authenticate using the 3rd party IdP as listed above.
We keep getting an "access denied" error on WS1.
I have the same error if I try to attempt to authenticate to the admin console using SAML with my admin account...when I trace the SAML requests, everything is working as expected on the IdP side of things until the response is sent back to ViDM and errors out.
We don't have access to the ViDM logs as it's SaaS.