search cancel

I can't get "Single Sign-On" together with CA PAM to work when CA PAM Client is used


Article ID: 8786


Updated On:


CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager (PAM)


We have integrated CA PAM with CA Advance Authentication (CA AA) via SAML, where CA AA id the Identity Provider and CA PAM is the Resource Provider.

When the CA PAM UI is opened in a Web Browser then everything works fine. 
However when using the CA PAM Client a problem is seen.

It may be observed that when clicking on "Single Sign-On" button basically the CA AA part of the integration executes well.
But after the authentication occurs, when the UI returns back to the CA PAM then a page with errors appears. 


All PAM Releases


The CA AA id the Identity Provider was responding to the PAM FDQN but the user was logged in to the PAM Client using the PAM IP. 

The browser was working because they were using  FQDN.


Login to CA PAM Client or browser using the IP or FQDN as configured in the CA AA Identity Provider.


1558700711806000008786_sktwi1f5rjvs16k8p.jpeg get_app