Got an idea for a new feature? Maybe a tweak to make something work even better? Wish there was an integration with another product to make you even more productive? You've come to the right place.
The Product Ideas Portal lets you submit whatever product feedback you have, good, bad, ugly, and anywhere between.
Want to stay anonymous? Don't worry, no email address or name fields are shared on the public portal. You can create an account which lets you vote on other people's ideas and receive updates when your idea's status changes.
To learn more about how an idea becomes a feature, check out this infographic.
SAML SSO is the authentication method supported for Password safe users.
when we goto SAML (to provide SSO including MFA) for Password Safe users , it is recommended to turn off Forms authentication for these users. The users who use direct connect sessions, for RDP / SSH should not be impacted because of this.
For these Password Safe users when the authentication is changed to SAML and "Disable Forms Authentication" selected. They would not be able to login directly to PAM, so this should not loose their ability to launch direct connect sessions. As direct connect is a preferred method, can this be supported along with SAML ?
This option is highly useful as we think direct connect is great feature for users, and would like to continue supporting it when we are going to SAML.
Agree that this would be a valuable option in a future release as our staff use the Direct Connect option regularly. Would appreciate a quick turnaround on this one if possible.
Attachments Open full size
Neither SSH nor RDP have any way to support SAML, it's a web SSO technology. There is no way for an SSH or RDP client to access any existing SAML authentication token (as it will be in your browser) and RDP/SSH does not provide any mechanism to pass the token onto the target. Using a tool like Guacamole to provide an HTTP5-based SSH/RDP mechanism within the existing UI would benefit from the existing SAML support but doesn't answer the specific idea here.
Attachments Open full size
I assume that this would be impossible with a normal thick client RDP/SSH session as those clients don't have the means to handle the SAML request/response flow and necessary session cookies requires by SAML.
Are there any clients (RDP or SSH) that support SAML authentication and act as connection brokers/aggregators?
An HTML5 based RDP/SSH client might make this possible. Through something like Apache Guacamole, you could enable users to bookmark the "direct connect" sessions. The browser would handle the SAML auth. It would also eliminate the need for anything other than a browser on the client...
Attachments Open full size
Requested for integrations with TAP vendors by the Alliances team
Attachments Open full size
Agree - this would be a valuable capability and would simplify the setup as we would not need to set up RADIUS+MFA in BI but could rely on the settings in our SAML IdP (Okta, ADFS, OneLogin, etc.)
Attachments Open full size
DirectConnect is a great feature which breaks when SAML is implemented. Please enhance the SAML implementation to include SP initiated SAML and then the authentication request could be redirected to the IDP for authentication.
Attachments Open full size
Agree that this would be a valuable option in a future release as our staff use the Direct Connect option regularly. Would appreciate a quick turnaround on this one if possible.
Attachments Open full size