How to configure RSA SecurID Access with automatic IWA to handle non-Windows devices
Originally Published: 2017-10-09
Article Number
Applies To
Issue
Non-Windows client devices (iOS for example) cannot be integrated with IWA and may "hang" preventing authentication to the SID Access portal.
A network trace with Fiddler or Charles will show that the IWA server generated a 401 Unauthorized response to the client device.
Resolution
The IWA/IIS server's 401 error page can be configured to perform a 302-redirect back to the IDR portal login page. See Create a Custom HTTP Error Response regarding "Respond with a 302 redirect". The SID Access portal URL should be provided as the 302 redirect address.
When this redirect occurs for the first time, the user will be given the opportunity to log into the portal interactively, but the relay-state (of the originally requested protected resource) will be lost. That is, deep-linking will not work, and the user will land at the application's configured landing page.
The loss of deep-linking should only happen on first authentication however. As long as cookies are not cleared deep-linking should work on subsequent access attempts.
Related Articles
How to configure firewall's dynamic network address translation on multiple internal clients to an external RSA ACE/Server Number of Views RSA Authentication Agent 1.0.1 for Citrix Storefront Release Notes Number of Views Disaster Recovery Situations Number of Views RSA Authenticator 6.2 for Windows Quick Start Guide (French) Number of Views RSA Authenticator 6.2 for Windows Release Notes Number of Views
Trending Articles
RSA Release Notes for RSA Authentication Manager 8.8 Generate a Certificate Signing Request (CSR) for the Web Tier RSA Authentication Manager 8.9 Release Notes (January 2026) RSA SecurID Software Token 4.1.2 and 4.2.1 for Mac OS X displays: No token storage device was detected. Verify that the de… RSA Authentication Manager 8.8 Security Configuration Guide
Don't see what you're looking for?
