Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,397 questions
SAML Authentication on multiple Service Principals (SPs) with only one login
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 57.00000000000001%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
Juan Manuel Castro
0
Reputation points
Hi. I have two firewalls acting as proxies. Each firewall has different resources behind them. This firewalls are configured as SAML SP's and Azure as SAML IdP to get authentication with Microsoft credentials before access any resource behind the firewalls.
I configured only one SAML Enterprise application on Azure with two identifiers.
Now, if I try to access one of the firewalls, I get the microsoft login page asking for credentials, but if I try to access the second firewall, I will be asked for credentials again.
I want to access login just one time and get access to both firewalls.
I think somehow both firewalls are not sharing the SAML assertions, even though I have both configured under the same enterprise application.
Any advice?
Thank you.
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Givary-MSFT 30,251 Reputation points Microsoft Employee2024-07-08T05:05:50.12+00:00 @Juan Manuel Castro Apologies for the delayed response, help me with fiddler trace - https://office365concepts.com/how-to-use-fiddler-to-capture-traffic/ while reproducing the issue, this would help debug the flow further.
Sharing my contact details over private message, where you can share the fiddler logs.
-
Juan Manuel Castro 0 Reputation points
2024-07-08T20:38:12.05+00:00 Hi @Givary-MSFT
My application is using a certificate to validate the connection source. The fiddler is trying to apply another certificate in the middle and then my application is blocking the request.
Is there other information that i could share with you, like a log from Azure?
Regards.
-
Juan Manuel Castro 0 Reputation points
2024-07-08T22:43:03.9333333+00:00 Hi @Givary-MSFT
My application is using a certificate to verify the source of the traffic.
When I use the fiddler it tries to use a certificate in the middle to unencrypt the web traffic, but this makes my app not work properly.
Is there another information that I could share with you, like Azure logs?
Thanks.
Sign in to comment