Azure AD B2B External Identities SAML Wildcard for Domain

NickH48226 6 Reputation points
2022-05-22T16:45:35.267+00:00

Hello

I have guest users / B2B set up in my Azure tenant but need to redirect all authentication for guest users to an on-prem SAML IdP I have. I see you can federate individual domains, but is there a way to federate all with a wildcard? I have multiple public, private, and other domains that I do not want to have to federate / maintain each separately since it is a dynamic list. Is there a way to do this / add a wildcard of '*' or other to the domain?

Thanks

Nick


1 answer

  1. AmanpreetSingh-MSFT 56,306 Reputation points
    2022-05-25T14:37:53.26+00:00

    Hi @NickH48226 • Thank you for reaching out.

    As per the product design, this is not possible. During the configuration, you need to specify the Passive authentication endpoint, and the domain name in this endpoint should either exactly match the domain name or share the same DNS namespace. For example, if the domain name in the Passive authentication endpoint is login.example.com, the domain can be either login.example.com or example.com.

    However, if you don't own the login.example.com or example.com domain, you will need to create a TXT record in your domain with the value DirectFedAuthUrl=https://login.example.com/<requiredparameters>.

    That is why, in any case, you cannot specify a wildcard character.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
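The matching rule described in the answer can be checked before attempting a federation, for each domain in a changing list. The following is an added example, not part of the original answer and not Microsoft's code; it assumes "same DNS namespace" means the endpoint host equals the domain or is a subdomain of it, and that the TXT value must equal the configured endpoint URL exactly. The function names, result strings, `partner.test` and the `/saml/sso` path are constructed for illustration.

```python
from urllib.parse import urlsplit

TXT_PREFIX = "DirectFedAuthUrl="  # TXT record key named in the answer


def _norm(host):
    # DNS names are case-insensitive; drop a trailing root dot.
    return host.strip().rstrip(".").lower()


def same_namespace(domain, endpoint_host):
    # Compare on label boundaries so "ample.com" does not match
    # "login.example.com" through a plain suffix comparison.
    d, h = _norm(domain), _norm(endpoint_host)
    return h == d or h.endswith("." + d)


def federation_check(domain, passive_endpoint, txt_records=()):
    """Classify one guest domain against the passive authentication endpoint.

    txt_records: TXT strings already fetched for `domain` (passed in so the
    check runs offline; resolving them is left to the caller).
    """
    if "*" in domain:
        return "wildcard-not-supported"
    host = urlsplit(passive_endpoint).hostname
    if not host:
        return "invalid-endpoint"
    if _norm(host) == _norm(domain):
        return "exact-match"
    if same_namespace(domain, host):
        return "same-namespace"
    for rec in txt_records:
        value = rec.strip().strip('"')  # zone files often quote TXT data
        if value.startswith(TXT_PREFIX) and value[len(TXT_PREFIX):] == passive_endpoint:
            return "txt-record-ok"
    return "txt-record-required"


if __name__ == "__main__":
    endpoint = "https://login.example.com/saml/sso"  # constructed sample URL
    for name in ("login.example.com", "example.com", "ample.com", "partner.test", "*"):
        print(name, "->", federation_check(name, endpoint))
```

A domain that returns `txt-record-required` needs the TXT record published in its own zone, which is why each domain has to be handled individually.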