Search Results

Premises 1. An Organizational Unit has been defined as Role holder Yes. 2. Several groups have been defined with type organizational unit with role holder Yes. 3. An attribute sharing policy has been defined. 4. Indicates which Service Providers will...

You can consult the list of Soffid attributes: User Object Account Object Group Object Role Object Grant Object Maillist Object Membership Object dispatcherService Authoritative change object User object A user objects are maps that hold the...

Introduction Active Directory Back Channel refers to a mechanism that allows Soffid to synchronize user information with an external Active Directory (AD) server in real-time or near real-time (Password synchronizer). This synchronization ensures that both So...

Description Operators can define the subnets that compose the internal network, in order to manage the IP address space. The main goal is to manage a limited resource as the IP address is. Soffid supports both static and dynamic IP assignments. Anyway, stati...

Description This wizard allows you to add a new Service Provider, that is, to configure an application that relies on an Identity Provider (IdP) to authenticate users and provide access to its services. To be able to add new applications (SP), you must insta...

Description This wizard will help you to configure multi-factor authentication in order to expand security. This process requires users to provide two or more forms of identification before being granted access to a system or application. For more informatio...

Description Adaptive authentication rules are a set of security policies and mechanisms that adjust authentication requirements. These rules determine the strength of authentication required for each user, based on factors such as their location, device, past...

Definition Soffid could use different kinds of external authentication sources. These mechanisms could be selectively enabled or disabled. Screen overview Standard attributes Global status Soffid server host name Enforce TLS connections t...

Introduction Description This connector implements the LDAPS protocol and it is used to connect the Sync-Server with every server that allows this communication protocol. Managed System This connector has been performed to connect to the Active Directory s...

The purpose of this tutorial is to show how to install Jump servers and configure PAM using Kubernetes, to use critical resources without knowing the password required. Jump Server A jump server, jump host or jump box is a system on a network used to acces...

The purpose of this tutorial is to show how to install Jump servers and configure PAM using Dockers, to use critical resources without knowing the password required. Jump Server A jump server, jump host or jump box is a system on a network used to access a...

Description The Delegation Roles Process type is used to allow the users to delegate temporary their own permissions.  That process is defined by default with 3 steps, but you can add new, delete and update steps to customize your business process.  Start...

Description The Permission Request Process type is used to define business processes to request permissions. That process is defined by default with 4 steps, but you can add new, delete and update steps to customize your business process.  Start Approve ...

Description The Account Reservation Process type is used to configure the use of privileges accounts. That type of process will be launched when the end-users want to connect to a system using a privileged account through the password vault. Soffid allows yo...

Definition Here is an explanation about how to configure the ESSO profile by using Soffid as Identity Provider. Please note that the profile parameters will be automatically updated on the PCs. Screen overview Standard attributes Class: class name (...

Introduction Soffid ESSO is a full Enterprise Single Sign on solution. Here you can find the details about the ESSO +3.5.0-enterprise installation. Supported platforms Soffid ESSO supports Windows XP or later workstations. Windows Interactive installatio...

Introduction Adaptive authentication is designed to improve the security of online accounts by adding an additional layer of protection against unauthorized access. When the authentication is being defined, Soffid allows you to add some adaptive authenticati...

Description Sync server is the engine responsible for connecting Soffid with data sources or managed systems. Soffid allows you to configure different synchronization servers. These synchronization servers are installed and configurated using command line to...

Title Necessary authorization to use pam service. Affected Product Code Base Soffid Console - 3.6.31 Descripition Recently the Soffid IAM team detected and corrected a low vulnerability that had been detected in the product's Console. This vulnerability r...

Description Soffid console provides an option that allows you to customize policies to assign or revoke roles automatically to specific users. To assign or revoke roles, the users must comply with the defined requirements. That option allows you to Preview c...