Thanks for your response. We are new to Clarity On Demand and accessing it via SAML federated single sign on.
We have been advised by CA Support that Clarity On Demand does not support Service Provider Initiated Single Sign On.
This was a surprise to us because the On Demand Portal Admin Guide states one of the parameters available is "Identity Provider SSO Service URL: The Identity Provider's Web Service used in case of time-outs, log-outs, and Service Provider Initiated SSO".
We also suspect the On Demand Portal is built with CA SiteMinder which does support Service Provider Initiated SSO.
Being limited to Identity Provider SSO means we need to construct links to Clarity in the form https://<identity provider url>?PartnerSpid=<service provider id>TargetResource=<Clarity URL>
Clarity URL's contain "#" and the single sign on interaction between the identity provider, the On Demand Portal and Clarity application results in everything after the # being stripped from the URL.
This means every link to Clarity takes you to the Home page.
We can achieve deep linking by replacing the # with %23 in URL's we generate or publish ourselves. But we cannot do that for URL's generated by Clarity, such as those included in email notifications.
When a user receives an email from Clarity containing a link to a project, dashboard or action, clicking the link always takes them to the home page - unless they have their browser open and have previously accessed Clarity to create a session.
This is clunky and will impact user adoption.
I can't believe we are the only customers to have this issue. Has anyone solved this with a work around ? Or got Service Provider Initiated SSO working with Clarity On Demand ?