Solved: Sponsor Portal behavior after SSO

fabioairoldi · ‎11-07-2025

Hello Team,

I recently set up the authentication for our Sponsor Portal as Microsoft SSO using an Azure App.

I changed nothing for the Approval Request Email; I see that it still has links for APPROVE or DENY the guest user.

The email that we get still has the "oneclickaction" URL

however now if we click on the "APPROVE" or "DENY" buttons, we get redirected to the Microsoft SSO page (which is correct) but then we land on the "Account creation" page

Users have to manually go to the "Pending Accounts" tab and select the account.

Is there any action I have to take to reinstate the one click approval? Is there any documentation on behavior change with different types of authentication?

Any help would be greatly appreciated.

Thanks in advance

Fabio

Ben Weber · ‎11-10-2025

Hey Fabio

ISE Single Click Sponsor Approval does not support SSO-based authentication (whether using SAML or Kerberos AuthN flows). Hence the prompt to create a new user.

Only AD and LDAP are supported.

See: ISE Single Click Sponsor Approval FAQ - Cisco Community

- BW
Please rate posts if they have been helpful.

View solution in original post

Ben Weber · ‎11-10-2025

Hey Fabio

ISE Single Click Sponsor Approval does not support SSO-based authentication (whether using SAML or Kerberos AuthN flows). Hence the prompt to create a new user.

Only AD and LDAP are supported.

See: ISE Single Click Sponsor Approval FAQ - Cisco Community

- BW
Please rate posts if they have been helpful.