The following are required parameters that must be configured in the advanced script for the SAML assertion in Centrify to be used with the PCS device as the SP.
On the advanced configuration page, there is an option to adjust the default script. This needs to be done (and can be reset for testing, if needed).
For the purposes of the PCS / PPS devices, 4 items need to be adjusted. The default values refer to a site known as login.myapp.com.
The value for setAudience is the sign-in URL being used for SAML authentication. For example,
setAudience('https://vpn.pulsesecure.net/'); or setAudience('https://vpn.pulsesecure.net/SAML');
The value for setRecipient is the Connect Secure Instance ID from the SAML server that is created. This can be used by multiple sign-in URLs. For example,
The value for setServiceUrl is the same as setAudience. It can be set with or without a path. For example,
setServiceUrl('https://vpn.pulsesecure.net/'); or setServiceURL('https://vpn.pulsesecure.net/SAML');
The value for setHttpDestination is the SAML Consumer Agent on the IVE. This URL is the same when the IVE is used for validation against an IdP. For example,