Description of use IWA parameter used in Integrated Windows Authentication settings
Interprets the meaning of the use IWA parameter in IWA settings
|Use IWA value||Interpretation|
|Never (default)||Desktop SSO is never used on this IdP. IWA is disabled.|
|Always||IWA is enabled. Desktop SSO will always be used with this IdP, irrespective of whether the user is on or off the premise, device characteristics like browser or operating system type. If user is off the network, they will not be able to authenticate with the IdP. If they are off-net or device that has not joined the windows domain, they will get 401 Authorization required error.|
|When-applicable||IWA is enabled. Desktop SSO will only be used when ALL of these
configured conditions are satisfied:
If any of these conditions are not met, end user is presented with login form for entering username and password.