We have an internal SAML 2.0 application federated to an on-prem ADFS - this is an existing trust which works inside our network. The access URL is not available externally.
We have an Azure tenant also federated to that on-prem ADFS.
When I add an application to the Azure App Proxy I enter the Internal URL and I am presented with the External URL.
When users navigate to the External URL they are sent through the Application Proxy Connector inside our network and then on to the application. This all works fine unless the app is federated to our on-prem ADFS.
The application then forwards on to the on-prem ADFS for authentication.
After successful authentication the browser is redirected back to the application... on the internal URL... which is obviously not resolvable for the user outside who came through the external URL/App Proxy.
There are options to translate URLs but this seems to lose the expected state information.
This is where I am stuck.
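A diagnostic for the redirect described above, added here as an example that is not part of the original post: it decodes the SAML AuthnRequest the application sends to ADFS and reports whether the AssertionConsumerServiceURL (where the IdP is asked to return the response) is on the externally published host. It assumes the application uses the HTTP-Redirect binding; the hostnames, the `/saml/acs` path and the function names are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlparse

SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"

def build_sample(acs_url):
    """Constructed AuthnRequest redirect; all hostnames are made up."""
    xml = (f'<samlp:AuthnRequest xmlns:samlp="{SAMLP_NS}" ID="_constructed1" '
           f'Version="2.0" IssueInstant="2024-01-01T00:00:00Z" '
           f'AssertionConsumerServiceURL="{acs_url}"/>')
    co = zlib.compressobj(wbits=-15)  # raw DEFLATE, as the binding requires
    deflated = co.compress(xml.encode()) + co.flush()
    query = urlencode({"SAMLRequest": base64.b64encode(deflated).decode(),
                       "RelayState": "constructed-state"})
    return "https://adfs.corp.example/adfs/ls/?" + query

def decode_authn_request(redirect_url):
    """Return (xml, relay_state) from an HTTP-Redirect binding URL."""
    query = parse_qs(urlparse(redirect_url).query)
    raw = base64.b64decode(query["SAMLRequest"][0])
    xml = zlib.decompress(raw, -15).decode("utf-8")
    return xml, query.get("RelayState", [None])[0]

def check_acs(redirect_url, external_host):
    """Say whether the response will be sent to the externally published host."""
    xml, relay_state = decode_authn_request(redirect_url)
    # Stdlib parser is acceptable for this constructed sample; use defusedxml for captured traffic
    root = ET.fromstring(xml)
    if root.tag != f"{{{SAMLP_NS}}}AuthnRequest":
        raise ValueError("not a SAML 2.0 AuthnRequest")
    acs = root.get("AssertionConsumerServiceURL")
    result = {"acs_url": acs, "relay_state": relay_state, "matches_external": None}
    if acs is not None:  # if absent, the IdP uses the endpoint stored in its trust
        result["matches_external"] = urlparse(acs).hostname == external_host.lower()
    return result

if __name__ == "__main__":
    for acs in ("https://app.corp.example/saml/acs", "https://app.external.example/saml/acs"):
        print(check_acs(build_sample(acs), "app.external.example"))
```

Run against a redirect URL captured from the browser's network trace, a `matches_external` of `False` means the application itself is advertising the internal URL to the IdP.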