I'm trying to put web apps in Mobile Access that leverage SAML-based SSO (we use Okta, but it's the same for any SAML SSO provider).
The challenge is that the application redirects to the SAML IdP just fine, but when the IdP redirects back to the relying party (SP), it is using the configured Relying Party URL. So we need to send the IdP traffic through Mobile Access in order for MAB to be able to rewrite those URLs, as they contain the SAML assertion that needs to go to the SP.
I have tried adding the SAML IdP URL as a web application and including it in the rules. This almost works, but it seems that the URL rewriting code is either not able to or just isn't updating the SRI in the URL, causing the browser to not load it as the SRI value doesn't match the rewritten URL.
I had a TAC case opened with my Diamond Engineer (6-0002161253), but it got closed in the transition from one engineer to another because the debugs that I had provided to the case got lost and I didn't want to go through and gather debugs all over for something that I clearly documented as an issue with the MAB URL rewrite.
I wanted to ask the community if anyone had been able to successfully add a web application to MAB that used SAML authentication and, if so, how.
Thanks,
heath
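
Added example, not part of the original post and not Check Point or Okta code: a way to confirm the Subresource Integrity (SRI) mismatch described above by comparing each `integrity` attribute in the IdP page with the digest of the resource body as delivered directly and as delivered through a rewriting proxy. The host names, the rewritten URL form and the sample script are constructed assumptions.

```python
import base64
import hashlib
import re

# Constructed sample bodies (not captured from Okta or Mobile Access).
ORIGINAL_JS = b'fetch("https://idp.example.com/api/session");\n'
# Hypothetical result of a reverse proxy rewriting the absolute URL in the body.
REWRITTEN_JS = b'fetch("https://gateway.example.com/proxy/idp.example.com/api/session");\n'
STRENGTH = ["sha256", "sha384", "sha512"]  # weakest to strongest


def sri_digest(body: bytes, alg: str = "sha384") -> str:
    """Return the SRI value (alg-base64digest) for a resource body."""
    return alg + "-" + base64.b64encode(hashlib.new(alg, body).digest()).decode()


def matches(integrity: str, body: bytes) -> bool:
    """Apply the browser rule: only hashes of the strongest listed algorithm count."""
    tokens = [t.split("?", 1)[0] for t in integrity.split()]
    tokens = [t for t in tokens if t.split("-", 1)[0] in STRENGTH]
    if not tokens:
        return True  # no usable hash means no integrity check is enforced
    best = max((t.split("-", 1)[0] for t in tokens), key=STRENGTH.index)
    return sri_digest(body, best) in tokens


# Constructed IdP page fragment that pins the original script body.
SCRIPT_URL = "https://idp.example.com/js/login.js"
PAGE_HTML = (
    f'<script src="{SCRIPT_URL}" '
    f'integrity="{sri_digest(ORIGINAL_JS)}" crossorigin="anonymous"></script>'
)

TAG_RE = re.compile(r'<(?:script|link)\b[^>]*\bintegrity="([^"]+)"[^>]*>', re.I)
URL_RE = re.compile(r'\b(?:src|href)="([^"]+)"', re.I)


def check_sri(html: str, bodies: dict) -> list:
    """Return (url, ok) for every tag with an integrity attribute."""
    results = []
    for tag in TAG_RE.finditer(html):
        url = URL_RE.search(tag.group(0)).group(1)
        results.append((url, matches(tag.group(1), bodies[url])))
    return results


if __name__ == "__main__":
    print("direct :", check_sri(PAGE_HTML, {SCRIPT_URL: ORIGINAL_JS}))
    print("proxied:", check_sri(PAGE_HTML, {SCRIPT_URL: REWRITTEN_JS}))
```

A `False` for the proxied body while the direct body passes shows the gateway changed the subresource content without the `integrity` value being updated, which is the condition under which a browser refuses to load it.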