Skip to main content

Option: Username redirect to another realm configuration

You can optionally configure the redirection of a user to another SecureAuth IdP realm without requiring them to input their username again. This relates to using the Redirect to realm or URL risk check action.

This configuration requires two realms:

  • Realm A – the initial realm on which end users start the login process

  • Realm B – the realm to which end users are redirected

Realm A configuration

In Realm A only, make the following configuration.


You can make this configuration in any of the other adaptive authentication policies. The User / Group Restriction policy is used in this example.

  1. Go to the Adaptive Authentication tab.

  2. In the User / Group Restriction section, set the following:

    Failure Action

    Set to Redirect to realm or URL.

    Add RedirectWithToken.aspx?Target= to the beginning of the realm URL. For example, RedirectWithToken.aspx?Target=

  3. Save your changes.

Realm A and B configurations

The following steps are required for both Realm A and Realm B.

  1. In the realm, go to the Post Authentication tab.

  2. In the Forms Auth / SSO Token section, click the View and Configure FormsAuth keys/SSO token link.

  3. In the Forms Authentication section, set the Name to a unique, friendly token name.

  4. In the Machine Key section, set the Validation Key and Decryption Key to the same values. Otherwise, if no keys have been generated, keep the default values.

  5. In the Authentication Cookies section, set the Pre-Auth Cookie and Post-Auth Cookie to the same, unique token name set in the Forms Authentication section.

  6. Save your changes.