Secure Access Cloud

View Only

Web application SSO

Dimitri Danishevski posted Jan 16, 2026 11:58 AM

Hello, community team.
We wants the ZTNA web application to forward the user's credentials used to log in to the ZTNA portal (IDP - Entra ID) to web applications that require authentication.
The only available option is JWT.
Unfortunately, I don't understand what the network flow looks like in this case and how to set it up.
I would be very grateful if you could explain this to me.

Thanks in advance.
Dima

Broadcom Employee Stanislav Elenkrich posted Jan 25, 2026 12:03 PM

Hey Dima,

ZTNA can be provisioned as one of the Entra ID applications. Providing seamless SSO from experience.

Is the application you want to authenticate into, using Entra SSO ?

Thanks,

Stas.

Dimitri Danishevski posted Jan 25, 2026 12:46 PM

Hi Stas
No, in this application, authentication occurs with a user from the local AD domain.

Thanks,

Dima

Broadcom Employee Stanislav Elenkrich posted Jan 26, 2026 07:52 AM

Hey Dima,

In that case, you can use JWT. With JWT, you can add a header that the ZTNA service attaches to requests sent to the application within the internal network (through connector). This allows the application to identify the user without requiring an SSO integration.

Additionally, you can configure the signing key used for the JWT. The token is signed with this key, and the application verifies it to ensure authenticity.

This configuration is available under the Advanced option in the application object. Once you start configuring JWT, a wizard will guide you through the relevant signing options and required steps.

You can find more details at the following link:
https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/ztna/1-0/configure-applications/create-web-application/configure-sso.html

Thanks,

Stas.