Release : 10.4.1 - 21.2
Component : Spectrum Core / SpectroSERVER
With SAML, web browsers (Chrome, Firefox) are required to redirect SAML requests to the IdP Server and respond back to OneClick servers.
This cannot be achieved with OneClick Console Clients as they use rest API framework.
When using SAML it is required to authenticate against https://oneclick-server.mydomain.com/spectrum/ each time you want to use the OneClick Console or WebApp.
Spectrum assigns the security token for OneClick clients for one-time use and the token expires once the JNLP file is opened.
SAML authentication is done with IdP servers, and these JNLP files won't contact IdP Servers, and cannot use them for multiple times due to token security.