Advanced Search
Search Results
240 total results found
Radius Example
Service Provider
TACACS+ Example
Service Provider Information Systems When a Tacacs Service Provider is created, Soffid creates an Information System There are some roles defined for this Information System (0: anonymous, 1: user, ....15: root)
SAML Example
Service Provider
How to install Role mining in Soffid
Installation Download Please download the Soffid Role mining add-on. You could download it at the following link http://www.soffid.com/download/enterprise/ if you have a Soffid user with authorization, or in the following http://download.soffid.com/download...
Connecting Office 365
Introduction You can use an Identity Provider defined into Soffid to connect to Office 365. You only need to register the Office 365 metadata into a Soffid Service Provider and register the Identity Provider Metadata into your Office 365. At this tutorial So...
Introduction to Role mining
What is Role mining? Role mining is a process of analyzing user permissions and activities within an organization's information systems to identify common patterns of access and activity. The goal of role mining is to create roles or groups of users with simi...
Recertifications to do
Description When a campaign is run, the pending recertifications will be displayed in the Recertifications to-do list of the proper user who has to Accept or Deny the recertification. The user who has to manage the recertification can delegate it as well to a...
Step 4.2. Create an agent (Optional)
That step will be an optional step, and it will be mandatory only when the SQL Server agent or the Oracle agent was not created previously on Soffid Console and you need to add a database to manage its accounts. Step-by-step 1. First of all, to create an a...
Step 4.3. Reconcile (Optional)
To request the accounts you must launch the reconciliation process. The main purpose of reconciling process is to provide a mechanism to ensure that all users are aligned on the specific roles and responsibilities. Step-by-step 1. First of all, you need to...
Introduction to Identity Federation
What is Identity Federation? A federated identity in information technology is the means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems. The federation is a system of trust between two par...
Radius architecture
Introduction Access Reject: The user is unconditionally denied access to all requested network resources. Reasons may include failure to provide proof of identification or an unknown or inactive user account. Access Challenge: Requests additional infor...
TACACS+ architecture
Introduction
Connecting an OpenID Connect service
Introduction There are three basic OpenID flows, depending whether the service name must be authenticated using its client secret or not: OpenID flow Implicit flow The Service Provider sends the user to the IdP. The IdP authenticates the user. The ...
Connecting a SAML service
Introduction To connect a SAML service provider, the service provider must offer you its SAML metadata. The SAML metadata contains information about its public id, the services that implement and the service endpoints. Register a SAML service provider 1. Op...
Connecting Soffid console
Introduction Soffid console has a built-in SAML client, so it can act as a service provider in the Soffid federation. It is interesting to use this configuration, as it allows you to enforce the use of two factors authentication to log into the Soffid console...
Connecting your custom applications
Introduction SAML 2.0 is a complex and not easy to implement standard. There are some libraries that can help somewhat, but a correct implementation needs a deep knowledge of SAML protocol, and is always hard to test and debug. To make it easier, Soffid prov...
Openid-connect Dynamic Register
Introduction Openid-connect allows a service provider registers dynamically other service providers. Dynamic Register To dynamically register a client, acquire an initial access token, and then register the new application by using the registration API. You...
Connecting CAS client
Introduction The CAS protocol is a simple and powerful ticket-based protocol. It involves one or many clients and one server. Clients are embedded in CASified applications (called “CAS services”) whereas the CAS server is a standalone component. Register CAS...
Connecting Tacacs+
Introduction TACACS (Terminal Access Controller Access Control System) is a security protocol that provides centralized validation of users who are attempting to gain access to a router or NAS TACACS+ is a protocol for AAA services: Authentication Author...
Connecting Radius client
Introduction The Radius protocol (Remote Authentication Dial-In User Service) is a networking protocol that authorizes and authenticates users who access a remote network. Register a Radius client 1. Open the Identity & Service Provider page. Main Menu > A...