1
Content Navigator / CMOD Embedded SSO via ICN SAML Token
« on: July 27, 2021, 01:16:58 PM »
Has anyone had any issues migrating ICN/CMOD SSO via SAML from using the IBM SSO Plugin and ARSUSEC program to the built-in SSO feature CMOD now supports?
We have two clients configured on a single WAS system: one uses PingIdemtity and the other uses OKTA as their Identity Provider.
Both clients work using Plugin/ARSUSEC. The PingIdentity client also work on the new built in SSO, but the OKTA client gets an error when using the built-in method. The issue is that the LTPA key for that browser session has expired. The can successfully login, but when they try to open a folder is when they get the message about the expired LTPA key.
Any thoughts?
We have two clients configured on a single WAS system: one uses PingIdemtity and the other uses OKTA as their Identity Provider.
Both clients work using Plugin/ARSUSEC. The PingIdentity client also work on the new built in SSO, but the OKTA client gets an error when using the built-in method. The issue is that the LTPA key for that browser session has expired. The can successfully login, but when they try to open a folder is when they get the message about the expired LTPA key.
Any thoughts?