SAML for http (not https) only urls

Does Appian SAML SSO work with http (not https) IDP requests.

Is it mandatory to have all the systems running under https rather than http to be compatible with saml SSO?

What is the rule?

  Discussion posts and replies are publicly visible

Parents Reply
  • One of my end clients has some of its systems running on http and after checking with IdP (azure here) they suggested moving the systems  to https first to be compatible with their requests.

    Though, it's an extra overhead moving all the urls to https, but, for us it's doable.

    I just wanted to know as a general enquiry if it's mandatory to be on https which you have answered NOT, but a necessity for security purposes in this time.

    Thanks

Children