Blake P
asked on
Internal SAML 2.0 app federated to on-prem ADFS will not work with Azure Application Proxy
We have an internal SAML 2.0 application federated to an on-prem ADFS - this is an existing trust which works inside our network. The access URL is not available externally.
We have an Azure tenant also federated to that on-prem ADFS.
When I add an application to the Azure App Proxy I enter the Internal URL and I am presented with the External URL.
When users navigate to the External URL they are sent through the Application Proxy Connector inside our network and then onto the application. This all works fine unless the app is federated to our on-prem ADFS.
The application then forwards onto the on-prem ADFS for authentication.
After successful authentication the browser is redirected back to the application.......on the internal URL.....which is obviously not resolvable from the user outside who came through the external URL/App Proxy.
There are options to translate URLs but this seems to lose the expected state information.
This is where I am stuck.
We have an Azure tenant also federated to that on-prem ADFS.
When I add an application to the Azure App Proxy I enter the Internal URL and I am presented with the External URL.
When users navigate to the External URL they are sent through the Application Proxy Connector inside our network and then onto the application. This all works fine unless the app is federated to our on-prem ADFS.
The application then forwards onto the on-prem ADFS for authentication.
After successful authentication the browser is redirected back to the application.......on the internal URL.....which is obviously not resolvable from the user outside who came through the external URL/App Proxy.
There are options to translate URLs but this seems to lose the expected state information.
This is where I am stuck.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Thank you for letting us know!
I am here to help you with your open question. Do you still need help? I have the ability to alert more experts if you still need help.
If you solved the problem on your own, would you please post the solution here in case others have the same problem?
If you need me to delete this question just say "Delete."
Thank you for using Experts Exchange.
Regards,
Kyle Santos
Customer Relations