This article shows how admins can customize the way users are redirected to their SAML provider when logging in.

You can edit the redirect mode using the Redirect mode menu item in the Settings section of your SAML provider.

Ask for a username first

This is the default mode and is a safe choice when not all users should be logging in with SAML, or not all users should log in using the same SAML provider.

To determine if and where a SAML user should be redirected, the user is first asked to provide a username. The username is then matched against the access policies of your configured SAML providers. 

If a single provider is matches, redirection is initiated immediately. If more than one provider matches, the user gets to choose one of the providers.

Redirect directly

In this mode, users are not asked for a username but are instead redirected directly to the provider. This is useful if all (or almost all) of your users should be logging in using the same SAML provider.

To make the login process even more transparent, you can skip showing the login page entirely by deselecting the Show login page option.

Do not redirect

This is mostly useful if you plan to only use IDP-initiated SAML authentication, or if your IDP only supports this mode of authentication. In this mode, no redirection will happen from Polar SSO and users will instead log in by finding some link in your IDP or on your Intranet. 

Learn more