When you integrate Workspace ONE Access with Horizon you can take advantage of the Unified Digital Workspace as well as the conditional access capabilities including 3rd Party IDP Integration, Risk, and Multi-Factor Authentication.

In this blog, I’m going to walk through the SAML flow because it might be a little different than what you’ve typically seen before.

In this example, I’m going to assume that Azure AD is configured as a 3rd Party IDP inside of Workspace ONE Access.

At a high level, here is the authentication flow:

Let’s walk through this flow in more detail:

Azure Authentication

When you go to Workspace ONE Access, the default policy will automatically trigger an HTTPS POST to

This part of the authentication flow is pretty standard.

Once you authenticate on the Azure AD side, Azure will send a response back to Workspace ONE Access with the correct value in the NameID:

Depending on your mapping configuration in the 3rd Party IDP configuration, the subject will be mapped accordingly to match the user in Workspace ONE Access.

SAML from Workspace ONE Access to the Horizon Connection Server

When you access a virtual application from Workspace ONE Access, you can apply conditional access policies such as MFA or Risk before attempting to access the virtual resource.

When working with SAML, we typically use the HTTP Redirect or HTTP POST Bindings. We won’t go into that specifically in this blog.
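The NameID mapping step described above, sketched as an added example that is not code from the original post or from Workspace ONE Access: it reads the NameID from a SAML response and resolves it to exactly one local user, refusing the login when the configured mapping does not match. The sample response, the `NAMEID_MAPPING` table, the `DIRECTORY` entries and the function names are all hypothetical, and signature validation is assumed to have happened already.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"

# Constructed sample response; signature, conditions and issuer are omitted.
SAMPLE_RESPONSE = f"""<samlp:Response
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion><saml:Subject>
    <saml:NameID Format="{EMAIL}">alice@example.com</saml:NameID>
  </saml:Subject></saml:Assertion>
</samlp:Response>"""

# Hypothetical mapping configuration: NameID Format -> user attribute to match.
NAMEID_MAPPING = {EMAIL: "email", UNSPECIFIED: "userName"}

# Constructed user store standing in for the service provider's directory.
DIRECTORY = [
    {"userName": "alice", "email": "alice@example.com"},
    {"userName": "bob", "email": "bob@example.com"},
]

def extract_name_id(response_xml):
    """Return (format, value) of the single NameID in the assertion subject."""
    # Assumes the signature and conditions were validated before this step.
    root = ET.fromstring(response_xml)
    nodes = root.findall("saml:Assertion/saml:Subject/saml:NameID", NS)
    if len(nodes) != 1:
        raise ValueError(f"expected exactly one NameID, found {len(nodes)}")
    value = (nodes[0].text or "").strip()
    if not value:
        raise ValueError("empty NameID")
    # SAML treats a missing Format attribute as 'unspecified'.
    return nodes[0].get("Format", UNSPECIFIED), value

def map_subject(response_xml, directory=DIRECTORY, mapping=NAMEID_MAPPING):
    """Resolve the NameID to exactly one local user, or refuse the login."""
    fmt, value = extract_name_id(response_xml)
    attr = mapping.get(fmt)
    if attr is None:
        raise ValueError(f"no mapping configured for NameID format {fmt}")
    matches = [user for user in directory if user.get(attr) == value]
    if len(matches) != 1:
        raise LookupError(f"NameID matched {len(matches)} users; login refused")
    return matches[0]
```

A `LookupError` here is what a mapping mismatch looks like in practice: the IdP authenticated the user, but the value it sent in the NameID does not line up with the attribute the service provider was told to match on.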