How to configure multiple IDP's? One application is tied to 2 IDP's at a time, Primary should be active and secondary should be in standby mode/passive, is this even possible?
Please provide some insights on this topic.
Asked
Active
Viewed 160 times
2
-
You mean as a service provider? that you want to send auth requests to 2 different IDPs? – Shira Elitzur May 04 '21 at 10:34
-
2If it's important enough to require redundancy, then it's important enough to require HA. How would you know as the SP who to send an AuthnRequest to? As the SP, this isn't your job. As the SP, it's your job to make your service always available. You do this with multiple hosts handling your federation product's ACS endpoint. As the IdP, it's their job to make their authentication authority always available... not make you figure out where to send users to authenticate. – Andrew K. May 05 '21 at 04:19
-
Or maybe he meant 2 different sources of identification... no, @AndrewK.? and then he can supply a Where Are You From service. – Shira Elitzur May 05 '21 at 06:25
-
1@Shira Elitzur, maybe. OP talks about two different IdPs, but then says active/passive... Shrug. – Andrew K. May 05 '21 at 11:12
-
Needs some clarity.. Both Idp use SAML 2.0.? Why do we have two different IDPs? Are all user information available in both IDP? – Akshay G May 05 '21 at 19:11