I'm testing SAML authentication using Azure AD as IdP and the ASA as the SP. Login works fine but the logout fails because the ASA is sending the wrong URL.
Although I've configured the valid URL:
Looking at the requests performed by the browser during the logout, the URL requested is:
https://login.microsoftonline.com/common/wsfederationwa=wsignout1.0 without the '?', so the browser receives a not found error from the server.
Does anyone have this working with Azure?
Good morning Antonio, I'm looking at this configuration for a client who's looking to add Azure as an IdP against their currently deployed ASAs. Could you forward any reference documentation you found for this design? Everything I've discovered so far references either using on-prem MFA server or the NPS extension.
Any pointers would be greatly appreciated.
I followed these two references below from MS and Cisco. Anyway, I hopefully plan to blog the whole process shortly. I'll update the post once I post it.