Search Results
79 total results found
SAML2AttributeQueryProfile
Definition Based on SAML version 1 standard. This profile is used when the SSOProfile does not include attribute statements in the assertion. This profile allows applications to request user data. When you are configuring the profile, you could define w...
SAML2SSOProfile
Definition This is the most commonly used SAML profile. It allows the IdP to identify users and to give such information to Service Providers. This profile is used to log in. When you are configuring the profile, you could define what data will be encrypted ...
SAML2ArtifactResolutionProfile
Definition Based on SAML version 1 standard. This profile is used when the Service Provider wants to resolve or check a received assertion. The profile configuration settings are quite similar to those present in SAML2SSOProfile. When you are configuring the...
SAML1AttributeQueryProfile
Definition Based on SAML version 1 standard. This profile is used when the SSOProfile does not include attribute statements in the assertion. This profile allows applications to request user data. When you are configuring the profile, you could define w...
SAML2ECPProfile
Definition The Enhanced Client Profile is used when the Service Provider is not a web application. Nowadays, it is rarely used, as most mobile applications have shifted to OAuth or OpenIDConnect. When you are configuring the profile, you could define what da...
CAS (Central Authentication Service)
Introduction The CAS protocol is a simple and powerful ticket-based protocol. It involves one or many clients and one server. Clients are embedded in CASified applications (called “CAS services”) whereas the CAS server is a standalone component. The Cas ...
CAS architecture
Introduction The CAS is a Single Sign On protocol for the web. This protocol allows users to access multiple applications by providing their credentials. The response will be a JSON or XML Single Log-in The single log-in is usually initiated by the appl...
OpenID-Connect example
Identity Provider Service Provider
CAS Example
Service Provider
Radius (Remote Authentication Dial-In User Service)
Introduction The Radius protocol (Remote Authentication Dial-In User Service) is a networking protocol that authorizes and authenticates users who access a remote network. https://es.wikipedia.org/wiki/RADIUS
Radius
Definition Networking protocol that authorizes and authenticates users who access a remote network. Screen overview Standard attributes Class: class name (readOnly field). Enabled: if it is checked (selected option is Yes) that protocol will be enable...
CAS
Definition The CAS protocol is rarely used. Screen overview Standard attributes Class: class name (readOnly field). Enabled: if it is checked (the selected option is Yes) that protocol will be enabled.
How to perform unsolicited login
Soffid Identity Provider supports the unsolicited login (IdP-initiated login) profile. In order to enable it, you must make sure that the federation metadata for the target service provider allows it. It is configured using the AuthnRequestsSigned attribute of the SPS...
SAML architecture
Introduction SAML is the most complete, secure, and mature solution to get identity federation. SAML defines three main kinds of servers: Federation metadata server. Publishes information about the federation members, its protocols, and capabilities. Any f...
OpenID-Connect architecture
Introduction OpenID is based on the well known protocol. It is easier to implement and deploy, as it does not require digital signature or encryption. The drawback is that it is significantly less secure. For example, the single logout protocol is not finish...
SCIM Entity Group examples
Operations This page shows the functions that can be performed for the Entity Group object. List all Request GET http://<your-domain>/soffid/webservice/scim2/v1/EntityGroup Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2...
SCIM Federation Members examples
Operations This page shows the functions that can be performed for the Federation Member object. List all Request GET http://<your-domain>/soffid/webservice/scim2/v1/FederationMember Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:...
TACACS+ (The Terminal Access Controller Access-Control System Plus)
TACACS+ is a security protocol that provides centralized validation of users who are attempting to gain access to a router or other devices. TACACS+ is a protocol for AAA services: Authentication Authorization Accounting https://www.rfc-edi...
Radius Example
Service Provider
TACACS+ Example
Service Provider Information Systems When a TACACS+ Service Provider is created, Soffid creates an Information System. There are some roles defined for this Information System (0: anonymous, 1: user, ....15: root)