IdP initiated login

The Enable IdP initiated login for this SP option is available for configuration for custom service providers (SP) only. However, the option is enabled by default for Concur SP. The option is disabled for all other SPs.

Select the Enable IDP initiated login for this SP option if your service provider redirects to the IdP login page, instead of sending a SAML AuthnRequest to the IdP.

Enabling IdP initiated login lets Access expose an IdP URL that generates a SAML request to the original IdP. However, if the Use Ivanti Tunnel Certificate for SSO option is also enabled, Access generates a SAML response to the SP based on the user’s Ivanti Tunnel certificate.