We have a query regarding using CA Service Desk using SAML and CA EEM authentication with version 17.3 of the CA Service Desk Manager.
a. We are required to integrate with one or more third-party solutions using SAML authentication. Is it possible to use Microsoft Azure Portal as the SAML Identity Provider?
b. Along with the SAML SSO described in point (a), is it also possible to simultaneously continue using the CA SDM integration with EEM (i.e. with LDAP users)?
In summary: We want to achieve the following authentication use cases.
a. For internal users - Use CA Service Desk integrated EEM authentication for internal users. This EEM is integrated with the LDAP directory stores of BOTH Microsoft (AD) and Oracle (OID).
b. For third-party users & partners - Use SAML authentication with Microsoft Azure platform subscriptions to act as an identity provider for partners trying to access service desk applications.
Release: 17.3 and 17.4
Component: SERVICE DESK MANAGER
1. SDM/Catalog/xFlow-SP support the SAML authentication protocol, and Azure AD uses this protocol for user authentication, so pointing SAML to Azure AD should work. We have generic documentation for SAML configuration at the links below. This would be sufficient and/or applicable to Microsoft Azure Portal.
SDM SAML Authentication:
17.3 Documentation
17.4 Documentation
Service Catalog SAML Authentication:
17.3 Documentation
17.4 Documentation
xFlow/Service Point SAML Authentication:
17.3 Documentation
17.4 Documentation
2. SDM does not support multiple authentication mechanisms per instance. This use case is not supported by SDM.