Federation
Web SSO
Introduction to Identity Federation
What is Identity Federation? A federated identity in information technology is the means of link...
SAML
OpenID-Connect
CAS
Radius
TACACS+
Tacacs+
TACACS+ (The Terminal Access Controller Access-Control System Plus)
TACACS+ is a security protocol that provides centralized validation of users who are attemptin...
TACACS+ architecture
Introduction
TACACS+ Example
Service Provider Information Systems When a Tacacs Service Provider is created, Soffid create...
WS-Fed
WS-Federation
WS-Fed
WS-Federation (Web Services Federation) is an Identity Federation specification WS-Federation ...
WS-Fed Architecture
Introduction WS-Federation (Web Services Federation) is an Identity Federation specification Si...
WS-Fed Example
Steps Attribute definition First of all, it is mandatory to create two new attributes Use...
How to install Federation in Soffid?
Installation Download Please download the Soffid Federation add-on. You could download it at t...
Web SSO
⏰ Getting started
Introduction To configure Web SSO, you must complete the following steps: 1. Attribute definitio...
Attribute definition
Description The attribute definition page displays all the auto-generated user attributes. Those...
Attribute sharing policies
Description After defining the attributes to publish, it’s required to write a policy that defin...
Identity & Service providers
Description The Soffid Identity Federation add-on helps administrators to manage an Identity Federati...
Shared signals & events members
Federation members
Entity Group
Description An entity group is just like a folder that allows you to manage different kinds of f...
Identity Provider
Description An identity provider (abbreviated IdP or IDP) is a system entity that creates, mai...
Service Provider
Definition The Service Providers are standard applications that rely on Identity Providers to le...
Virtual Identity Provider
Definition A single identity provider usually offers different profiles or service levels to dif...
Profiles
Description A profile is a protocol or subset of protocols implemented by the Identity Provider....
OpenIDProfile
Definition The Identity Provider will serve the OpenID-Connect protocol. It is possible to accep...
SAML1ArtifactResolutionProfile
Definition Based on SAML version 1 standard. This profile is used when the Service Provider want...
SAML1AttributeQueryProfile
Definition Based on SAML version 1 standard. This profile is used when the SSOProfile does not i...
SAML2ArtifactResolutionProfile
Definition Based on SAML version 1 standard. This profile is used when the Service Provider want...
SAML2AttributeQueryProfile
Definition Based on SAML version 1 standard. This profile is used when the SSOProfile does not i...
SAML2ECPProfile
Definition The Enhanced Client Profile is used when the Service Provider is not a web applicatio...
SAML2SSOProfile
Definition This is the most commonly used SAML profile. It allows the IdP to identify users and ...
CAS
Definition The CAS protocol is rarely used. Screen overview Standard attributes Class: class ...
Radius
Definition Networking protocol that authorizes and authenticates users who access a remote netwo...
ESSO
Definition Here is an explanation about how to configure the ESSO profile by using Soffid as Ide...
Condition for Adaptive authentication
Introduction Adaptive authentication is designed to improve the security of online accounts by a...
How to deploy the identity & service provider
Step-by-step 1. To deploy the identity provider, it is advisable to install a dedicated sync server....
Change Password URL
There is a service point that allows users to change their passwords. Simply redirect the user to: h...
How to perform unsolicited login
Soffid Identity Provider supports the unsolicited login (IdP-initiated login) profile. In order to ...
How to enable Kerberos authentication
Step-by-step To enable the Kerberos authentication method, the identity provider must have a key...
Connecting Service Providers
Connecting an OpenID Connect service
Introduction There are three basic OpenID flows, depending on whether the service name must be auth...
Connecting a SAML service
Introduction To connect a SAML service provider, the service provider must offer you its SAML me...
Connecting Soffid console
Introduction Soffid console has a built-in SAML client, so it can act as a service provider in t...
Connecting your custom applications
Introduction SAML 2.0 is a complex standard that is not easy to implement. There are some libraries ...
Openid-connect to SAML interoperability
Introduction OpenID-Connect has a clear design suitable for both frontend and backend. SAML has...
Openid-connect Dynamic Register
Introduction OpenID-Connect allows a service provider to dynamically register other service provid...
Connecting CAS client
Introduction The CAS protocol is a simple and powerful ticket-based protocol. It involves one or...
Connecting Tacacs+
Introduction TACACS (Terminal Access Controller Access Control System) is a security protocol th...
Connecting Radius client
Introduction The Radius protocol (Remote Authentication Dial-In User Service) is a networking pr...
Web services reference
validate-domain
Definition This operation validates the user domain and returns the IDP owner of the us...
validate-credentials
Definition This operation validates the credentials of the user against Soffid. ...
expire-session
Definition This operation closes a session created by either validate-credentials o...
generate-saml-request
Definition This operation generates a SAML request to an external IDP. URL ...
parse-saml-response
Definition This operation validates a SAML response generated by another external I...
generate-saml-logout-request
Definition This operation generates a SAML logout request to be sent to an IdP s...
Connecting Office 365
Introduction You can use an Identity Provider defined in Soffid to connect to Office 365. You ...
Server certificate management
There are two options for certificate management: 1. The easiest, fastest and cheapest one: Do not cr...