-
Title
INTERNAL: How to send users directly to the User Login page avoiding the Home Realm Discovery page -
Description
When multiple authenticators are configured in Cloud Access Manager (CAM), users must select which authenticator to use on the Home Realm Discovery (HRD) page before they can login. It can be difficult for some users (e.g. external) to know which authenticator is the correct one for them.
-
Cause
In a multi-authenticator deployment Cloud Access Manager needs to know which authenticator it should use to log in a particular user; it can’t guess. -
Resolution
From CAM 8.1.2, A new query string parameter, ProviderID, has been implemented. When present and matching a valid authenticator name CAM will now redirect straight to the User Login page for that authenticator, bypassing the HRD page. These URLs can be sent to users by email or embedded in access portals or desktop links.
For example, if you have two authenticators defined on your system, ‘Local LDAP’ and ‘SAML Partner’ you could access them directly using the following URLs:
https://www.webapps.example.com/?ProviderID=Local LDAPhttps://www.webapps.example.com/CloudAccessManager?ProviderID=SAML PartnerNotes:
1. The ProviderID parameter is case sensitive.
2. If a user already has an HRD cookie set in their client browser for CAM the ProviderID parameter will take precedence.
3. When using the ProviderID parameter an HRD cookie will not be set in the client browser. -
Change Request
ER 642244 , ER 642245