Security Assertion Markup Language (SAML) - Overview
SAML is an XML-based standard for web browser single sign-on (SSO) that eliminates application-specific passwords. SAML uses single-use, expiring digital tokens to exchange authentication and authorization data between an Identity Provider (IdP) and a Service Provider (SP) that have an established trust relationship.
Benefits of Implementing SSO
Implementing SSO saves time and effort; the major benefits include:
- Improved productivity, since users no longer have to enter a password for each application.
- Reduction in the frustration of multiple log-on events and forgotten passwords.
- Increased adoption, since SSO lowers the barrier to using resources; when applications are easier to reach, users use them more.
- Centralized user access control, where a single registry of user identities with a centralized management interface allows quick and easy provisioning and deactivation of users.
- Improved reporting and monitoring, since a single repository for auditing and logging access to resources streamlines regulatory compliance.
- Increased security through a secure, enterprise-wide infrastructure with common password and security policies that can be centrally managed and secured.
How SAML Works
SAML provides a secure, XML-based solution for exchanging user security information between an identity provider (your company) and a service provider (adeptia.com). There are three roles involved:
- an identity provider (the asserting party),
- a service provider (the relying party, which relies on the assertion), and
- a user (the subject of the assertion).
The identity provider is the authority system that holds information about users. The service provider is the system, in this case adeptia.com, that trusts the identity provider's user information, and uses the data to provide access to the service or application. The user and their identity combined are known as the subject.
The IdP stores information about the user in a database. The user connects to the SP, and the SP delegates the authentication request to the IdP. The IdP validates the user against its identity database and then sends a SAML assertion about that user to the service provider. The SP then gives the user access to the application.
- Create the users in Adeptia; the same users must exist in the company's IdP server.
- A company user opens the Adeptia login page, and Adeptia calls the company IdP via SAML for authentication.
- If the user is already logged into the company's IdP, Adeptia receives a SAML response containing the logged-in user's ID.
- Adeptia takes the user ID, fetches the user's information from Adeptia User Management, and logs the user into Adeptia.
The first step in integrating SAML is to upload the Adeptia Suite metadata to the IdP server you are using. For information on how to upload it, refer to Uploading Adeptia Suite metadata to IdP server.
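The following is an added example, not Adeptia's code or any part of its product, of what the SP side of the last two steps looks like: checking that a SAML response is single-use, unexpired and addressed to this SP before mapping the asserted user ID to a local account. The entity IDs, ACS URL, the sample response and the `LOCAL_USERS` dictionary are all constructed for the demo. The example assumes the XML signature on the assertion has already been verified by an xmlsec-based library against the IdP certificate from its metadata; the checks shown are the ones a SP must still make after a valid signature.

```python
import datetime as dt

try:
    # Preferred parser: defusedxml refuses entity-expansion and external-entity tricks.
    from defusedxml.ElementTree import fromstring
except ImportError:  # fall back to the stdlib so the demo stays self-contained
    from xml.etree.ElementTree import fromstring

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "samlp": "urn:oasis:names:tc:SAML:2.0:protocol"}
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

# Hypothetical SP/IdP identifiers for this demo (not any real deployment's values).
SP_ENTITY_ID = "https://sp.example.com/metadata"
SP_ACS_URL = "https://sp.example.com/saml/acs"
IDP_ENTITY_ID = "https://idp.example.com/metadata"
CLOCK_SKEW = dt.timedelta(seconds=60)  # tolerance for IdP/SP clock drift

# Constructed stand-in for the SP's own user store (the "User Management" of the text).
LOCAL_USERS = {"alice@example.com": {"id": 1, "roles": ["developer"]}}

# Constructed sample response. The <ds:Signature> element is omitted: this example
# assumes the XML-DSig signature over the assertion was already verified upstream.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_resp1" Version="2.0"
  IssueInstant="2024-01-01T12:00:00Z" InResponseTo="_req42"
  Destination="https://sp.example.com/saml/acs">
 <saml:Issuer>https://idp.example.com/metadata</saml:Issuer>
 <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
 <saml:Assertion ID="_assert1" Version="2.0" IssueInstant="2024-01-01T12:00:00Z">
  <saml:Issuer>https://idp.example.com/metadata</saml:Issuer>
  <saml:Subject>
   <saml:NameID>alice@example.com</saml:NameID>
   <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <saml:SubjectConfirmationData InResponseTo="_req42" NotOnOrAfter="2024-01-01T12:05:00Z"
      Recipient="https://sp.example.com/saml/acs"/>
   </saml:SubjectConfirmation>
  </saml:Subject>
  <saml:Conditions NotBefore="2024-01-01T11:59:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
   <saml:AudienceRestriction><saml:Audience>https://sp.example.com/metadata</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
 </saml:Assertion>
</samlp:Response>"""


class SamlValidationError(Exception):
    """Raised when a response must not be used to log a user in."""


def parse_ts(value):
    """Parse a SAML UTC timestamp such as 2024-01-01T12:00:00Z into an aware datetime."""
    return dt.datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=dt.timezone.utc)


def validate_response(xml_text, expected_request_id, now, seen_assertion_ids):
    """Return the NameID if the (already signature-verified) response is acceptable."""
    root = fromstring(xml_text)
    status = root.find("samlp:Status/samlp:StatusCode", NS)
    if status is None or status.get("Value") != SUCCESS:
        raise SamlValidationError("IdP did not report success")
    if root.get("Destination") != SP_ACS_URL:
        raise SamlValidationError("response addressed to a different ACS URL")
    # Only accept responses to a request this SP actually issued (no unsolicited logins).
    if root.get("InResponseTo") != expected_request_id:
        raise SamlValidationError("InResponseTo does not match our AuthnRequest")
    assertions = root.findall("saml:Assertion", NS)
    if len(assertions) != 1:
        raise SamlValidationError("expected exactly one assertion")
    a = assertions[0]
    if a.findtext("saml:Issuer", default="", namespaces=NS) != IDP_ENTITY_ID:
        raise SamlValidationError("assertion issued by an untrusted IdP")
    cond = a.find("saml:Conditions", NS)
    if cond is None:
        raise SamlValidationError("assertion has no Conditions")
    # Expiring token: enforce the validity window, allowing a little clock skew.
    if now + CLOCK_SKEW < parse_ts(cond.get("NotBefore")):
        raise SamlValidationError("assertion not yet valid")
    if now - CLOCK_SKEW >= parse_ts(cond.get("NotOnOrAfter")):
        raise SamlValidationError("assertion expired")
    audiences = [e.text for e in cond.findall("saml:AudienceRestriction/saml:Audience", NS)]
    if SP_ENTITY_ID not in audiences:
        raise SamlValidationError("assertion not intended for this SP")
    scd = a.find("saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
    if (scd is None or scd.get("Recipient") != SP_ACS_URL
            or scd.get("InResponseTo") != expected_request_id
            or now - CLOCK_SKEW >= parse_ts(scd.get("NotOnOrAfter"))):
        raise SamlValidationError("bearer confirmation data invalid")
    name_id = a.findtext("saml:Subject/saml:NameID", default="", namespaces=NS).strip()
    if not name_id:
        raise SamlValidationError("assertion carries no NameID")
    # Single-use token: remember assertion IDs for at least their validity window.
    if a.get("ID") in seen_assertion_ids:
        raise SamlValidationError("assertion replayed")
    seen_assertion_ids.add(a.get("ID"))
    return name_id


def login_via_saml(xml_text, expected_request_id, now, seen_assertion_ids):
    """Last step of the flow: map the asserted user ID to a local user record."""
    name_id = validate_response(xml_text, expected_request_id, now, seen_assertion_ids)
    user = LOCAL_USERS.get(name_id)
    if user is None:
        # The IdP authenticated someone, but this SP has no such account: do not auto-create.
        raise SamlValidationError(f"no local account for {name_id}")
    return user


if __name__ == "__main__":
    print(login_via_saml(SAMPLE_RESPONSE, "_req42", parse_ts("2024-01-01T12:01:00Z"), set()))
```

The `seen_assertion_ids` set stands in for a shared cache (it would need to outlive a single process and survive restarts for the full validity window); the point is that the same assertion is accepted once and rejected on any replay, and that a response outside its time window or addressed to another SP never reaches the user lookup.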