Single Sign On (SSO)
This page describes what single sign on is and how it works.
What is Single Sign On (SSO)?
SSO works based upon a trust relationship set up between an application, known as the service provider, and an identity provider, like SAML 2.0 and OAuth2. This trust relationship is often based upon a certificate that is exchanged between the identity provider and the service provider. This certificate can be used to sign identity information that is being sent from the identity provider to the service provider so that the service provider knows it is coming from a trusted source. In SSO, this identity data takes the form of tokens which contain identifying bits of information about the user like a user’s email address or a username.
How can I use Single Sign On (SSO):
You must be within the Advanced band or higher to use SSO as this is a chargeable module/integration. Please speak to your CSM if you are unsure whether you should have access to this feature.
You also must use ADFS (Active Directory Federation Services) or SAML (Security Assertion Markup Language).
You can read the full help guide page for User Management here.
What is SAML?
SAML is an acronym used to describe the Security Assertion Markup Language (SAML). Its primary role in online security is that it enables you to access multiple web applications using one set of login credentials. It works by passing authentication information in a particular format between two parties, usually an identity provider (idP) and a web application.
What is ADFS
Active Directory Federation Services (AD FS) is the claim-based single sign-on (SSO) solution provided by Microsoft. It facilitates access to all integrated applications and systems with just your Active Directory (AD) credentials. To use AD FS, run it on Windows Server after installing the role in Server Manager. It is part of AD services.
On this page: