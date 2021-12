A Windows application is used by multiple (20++) users, each in their own instance. These are to run centrally on an external (on premise) server. The authentication should be done via SAML, where 8 IdPs (coming e.g. from ADFS) have to be connected. There is no other connection between the AD and the external server, esp. no AD thrust. The application must at least be informed about the underlying SAML user. The individual user sessions are not needed to be persisted (temporary profiles are ok). A simple file exchange between the application on the server and the client environment is necessary. No decision has been made yet whether to have a native connection application on the client (similar to the normal terminal client aka mstsc) or to do it entirely through the browser.

