In conversations with customers, I have a question that frequently comes up. Do users have to go to the Via Access application portal or can they go directly to the SaaS application (like a bookmark)?
Workflows where end-users navigate directly to a particular application URL (like if they bookmark a specific page) are called "deep linking." Most of the time, users can bookmark pages within an application after the application has been integrated with SSO, but how (and when) this works depends a bit on the particular SSO integration method that the app uses.
RSA Via Access supports deep linking with SAML, but not all application vendors (a.k.a. Service Providers) do. Those service providers that do support deep-linking tend to do so in one of two ways:
Some SAML applications don’t automatically redirect users to the IdP, though. In those cases, if a user bookmarks a specific page within the app, the user might just be redirected to the application’s own login page (rather than to the RSA Via Access portal, where the user can log in with their corporate credentials). If that’s the case, “deep-linking” won’t work. In order to take advantage of SSO, the user would need to navigate to the app portal, sign in, and click on the application from there. Once they’ve gone to the app through the app portal, they may be able to use their bookmark.
If an application uses HFED or Trusted Headers, users can bookmark the proxied URL to take advantage of SSO. The best way to do this is for the user to copy / bookmark the page after having accessed it through the app portal. For example, they would bookmark https://www-appname-com.sso.example.com/my/favorite/page rather than https://www.appname.com/my/favorite/page. If the user tries to go to the proxied page but hasn’t yet logged into the SSO portal, they’ll be redirected through the authentication process (portal login page or IWA, for example), before being taken through to the requested application page.
I hope this makes sense, but let let me know if you'd like any additional clarification.
Retrieving data ...