Getting Started
Important Moderation Notice
This community is currently under full moderation, meaning all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you will receive an email outlining the reason(s). We have implemented full moderation to control spam. Thank you for your patience and participation.
Top Liked Posts
-
By Vee4By Siva4By Vee2/* */By Maksym1By Maksym1
For SSO authentication of users to Concerto, require Director to be hosted on the Internet?
Hi Experts!
My Service Provider organisation wish to authenticate our customers accessing Concerto using SSO and SAML.
Only Concerto is exposed to the Internet.
During testing, we found the client is redirected to our Director. But as Director isnt hosted on the Internet, we never see the SSO browser prompt on the client device. Consequentially, SSO fails.
1) do we need to host Director on the Internet?
2) if yes, is there a way to minimise the Directors footprint to minimise exposure to the Internet via a WAF or similar appliance?
Thanks in advance!
Comments
-
Two URLs from the director needs to be exposed to the Internet to have Concerto SSO configured:
https://VD_FQDN/versa/sso/loginConsumer
https://VD_FQDN/versa/sso/logoutConsumer
Please try this, it should resolve your issue.
It is recommended to use WAF for additional security.