I've setup a POC to validate that we can leverage the RSA MFA Agent across IIS webservers. However, I'm getting stuck with trying to solve how to prevent the user needing to put in an RSA userID into the WebID site.

My preference would be for the Kerberos authentication to persist and to pass that in, so the user is presented straight-away with the auth methods they have registered. Is this possible? I've seen the RSA sign on can be used to remove the need to use windows auth for Outlook and SharePoint, but that isn't what we're looking to achieve, and would still need the user to input a username if i'm not mistaken.

Connecting to CAS. Can proxy it via Auth Manager if necessary but would prefer not to. Thank you in advance!

Thanks in advance.