A captive portal is a webpage that the user of a public-access Wi-Fi network views, interacts with, and authenticates before they get access granted to the internet. Captive portals are used in cafes, hotels, and other locations that have free Wi-Fi hot spots.

When an unauthenticated user connects to a Wi-Fi network (1), a captive portal redirects all of the HTTP and HTTPS traffic to an authenticating server on the router or access-point (2). A captive portal webpage is sent back to the unauthenticated client (3). After the user authenticates with his credentials successfully (4), they are granted access to the internet (5). This allows the user to access the Enterprise Application Access (EAA) identity provider (IdP) Login Portal (6).

If you enable captive portal, the EAA Client waits till the user authenticates with the captive portal webpage and connects to the internet, to reach the EAA identity provider (IdP) Login Portal. The EAA Client does automatic retries and does not go to the unauthorized state. This enables handling of connectivity issues with less manual intervention. If it is not enabled, the EAA Client goes to unconnected state when the user connects to different Wi-Fi networks.

Also, if the user opens the EAA Client, the network type is set to Captive portal when captive portal web page is detected. After connecting to internet, the network types changes to Public.

Configure captive portal in an identity provider

EAA Client detects the presence of captive portal web page. It redirects the user's computer to the captive portal web page, authenticate, and provide access to internet.

Prerequisite:
Enabled EAA Client in the identity provider.

1. Log in to Enterprise Center.

2. In the Enterprise Center navigation menu, select Application Access > Identity & Users > Identity Providers.

3. Select the IdP with enabled EAA Client.

4. In Settings > Client select Enable Captive Portal.

5. Click Save.

6. Deploy the IdP.

Use Wi-Fi on user's computer with captive portal

If you enabled captive portal support in the identity provider IdP), users can access public Wi-Fi networks.

If you enabled captive portal support, users can access public Wi-Fi networks, authenticate to the captive portal web page, and get access to internet on user's computer which has EAA Client software.

1. Log in to your computer.

2. Right-click the Wi-Fi icon and select the public Wi-Fi network.

3. It redirects to the captive portal web page for this Wi-Fi network.
   In the EAA Client, the Network type is Captive portal.

4. If the credentials are correct, user get access to the internet. The EAA Client icon changes from not connected to trying to connect, and then to connected. Or, if the user was connected to a different Wi-Fi network, the icon changes from connected, to trying to connect, and then again to connected, to indicate the transition to a new Wi-Fi network. In the EAA Client, the Network type is Public.