IdentityIQ Integration with Siteminder Quick Note
Sailpoints IdentityIQ Identity Governance supports siteminder as an SSO (Single Sign On) solution. This allows Siteminder to be used as the Web Access Management (WAM) solution in front of IdentityIQ.
In the current IdentityIQ 6.x Release, there is an issue whereby the Cross Site Request Forgery (CSRF) function implemented using Angularjs framework in IdentityIQ is broken when siteminder is used as the SSO product.
Initial login via Siteminder works, but screen navigations inside IdentityIQ, especially REST endpoints fail. Specifically, the X-XSRF-TOKEN header is not set when the Siteminder SMSESSION cookie is updated. The default update frequency of SMSESSION cookie is set using the SessionGracePeriod Siteminder Web agent Setting, which is defaulted to 30 seconds.