After working with support for a few days we verified that SSO does not work on a fail over Cluster. Resulting in accounts being locked out or needing the local prtg accounts to gain access. The SSO functionality works great on our core servers that are in standalone and on the primary servers. When it goes to failover unfortunately the callback URI are made blank resulting in no SSO access. If we can be given an option to either not having those callbacks deleted or combining the callback of the primary and failover would be very helpful. The other function I would like to see is when setting those callbacks having the option of picking the auto generated URI and a custom URL. That way we can setup a custom link that is easy to remember for our users instead of having to remember the FQDN of the servers allowing any login to accept the SSO.