Skip to main content
Advanced Search
Search Terms
Content Type

Exact Matches
Tag Searches
Date Options
Updated after
Updated before
Created after
Created before

Search Results

62 total results found

Federation

Web SSO

Soffid
3
Addon
Federation

OpenID-Connect architecture

Federation OpenID-Connect

Introduction OpenID is based on the well known protocol. It is easier to implement and deploy, as it does not require digital signature or  encryption. The drawback is that it is significantly less secure. For example, the single logout protocol is not finish...

Soffid
3
Addon
Federation
OpenId Connect
Architecture

Connecting Soffid console

Federation Connecting Service Providers

Introduction Soffid console has a built-in SAML client, so it can act as a service provider in Soffid federation. It is interesting to use this configuration, as it allows you to enforce the use of two factors authentication to log into the Soffid console. R...

Soffid
3
Addon
Federation

Connecting a SAML service

Federation Connecting Service Providers

Introduction To connect a SAML service provider, the service provider must offer you its SAML metadata. The SAML metadata contains information about its public id, the services that implements and the service endpoints. Register a SAML service provider 1. O...

Soffid
3
Addon
Federation
SAML

Connecting an OpenID Connect service

Federation Connecting Service Providers

Introduction There are three basic OpenID flows, depending whether the service name must be authenticated using its client secret or not: OpenID flow Implicit flow The Service Provider sends the user to the IdP. The IdP authenticates the user. The ...

Soffid
3
Addon
Federation
OpenId Connect

How to enable Kerberos authentication

Federation

Step-by-step To enable the kerberos authentication method, the identity provider must have a keytab file that enables it to authenticate users. The steps to get it are described below: 1. First of all, you need to create a net user. You can use the old-fashi...

Soffid
3
Addon
Federation
Kerberos

Change Password URL

Federation How to deploy the identity & service pr...

There is a service point to allow users change their passwords. Simply redirect the user to: https://servername:port/protected/changePassword The user will be required to enter identify itself and enter a new password. Optionally, you can enter a web page ...

Soffid
3
Addon
Federation

How to deploy the identity & service provider

Federation How to deploy the identity & service pr...

Step-by-step 1. To deploy the identity provider is advisable to install a dedicated sync server. It can be configured as a proxy sync server as it does not need direct access to Soffid database. Instead, it will connect to main sync servers to get users and f...

Soffid
3
Addon
Federation

Condition for Adaptive authentication

Federation

Introduction When the authentication is being defined, Soffid allows you to add some adaptive authentications in addition to the Authentication methods. Those adaptive authentications will be evaluated, and when the result of the condition will be true, the r...

Soffid
3
Addon
Federation
Authentication

SAML1ArtifactResolutionProfile

Federation Profiles

Definition Based on SAML version 1 standard. This profile is used when the Service Provider wants to resolve or check a received assertion. Screen overview Standard attributes Class: class name (readOnly field). Enabled: if it is checked (selected opt...

Soffid
3
Addon
Federation
Profiles
SAML
1

OpenIDProfile

Federation Profiles

Definition The Identity Provider will serve the OpenID-Connect protocol. It is possible to accept the default endpoints or modify them. You can check the server features visiting https://<YOUR-IdP>/.well-known/openid-configuration. That JSON gives you inform...

Soffid
3
Addon
Federation
Profiles
OpenId Connect

Identity & Service providers

Federation Web SSO

Description Soffid Identity Federation addon helps administrators to manage an Identity Federation. With Soffid you can manage the whole federation security configuration, increasing the security while reducing the federation management costs. Soffid can also...

Soffid
3
Addon
Federation

Attribute sharing policies

Federation Web SSO

Description After defining the attributes to publish, it’s required to write a policy that defines which attributes will be allowed to share with each service provider. Soffid allows you to define security rules that apply to any attribute that should be del...

Soffid
3
Addon
Federation

Attribute definition

Federation Web SSO

Description The attribute definition page displays all the auto-generated user attributes. Those attributes will be the attributes to deliver from the identity providers to the service providers depending on the defined rules. Soffid has a default implementa...

Soffid
3
Addon
Federation

⏰ Getting started

Federation Web SSO

Introduction To configure the Web SSO you must complete the next steps 1. Attribute definition: add the necessary attributes if they are not in the list. 2. Attribute sharing policies: define the proper attribute sharing policies to determine which attrib...

Soffid
3
Addon
Federation

OpenID-Connect

Federation OpenID-Connect

Introduction OpenID is an open standard and decentralized authentication protocol.  It allows users to be authenticated by cooperating sites (known as relying parties, or RP) using a third-party service, eliminating the need for webmasters to provide their ...

Soffid
3
Addon
Federation
OpenId Connect

SAML

Federation

Soffid
3
Addon
Federation
SAML

SAML architecture

Federation SAML

Introduction SAML is the most complete, secure and mature solution to get identity federation. SAML defines three main kind of servers: Federation metadata server. Publishes information about the federation members, its protocols and capabilities. Any fede...

Soffid
3
Addon
Federation
SAML
Architecture

SAML (Security Assertion Markup Language)

Federation SAML

Introduction Security Assertion Markup Language is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. It is an identity federation protocol, born in 2...

Soffid
3
Addon
Federation
SAML

Virtual Identity Provider

Federation Federation members

Definition A single identity provider usually offers different profiles or service levels to diffeferent service provider. To be able to define this behavior, any Identity Provider can be split into many virtual identity providers. Those identity providers wi...

Soffid
3
Addon
Federation

Entity Group

Federation Federation members

Description An entity group is just like a folder that allows you to manage different kinds of federation members. One of the most common ways to group federation members is by trust level. When you create an entity group, the Identity Providers and the Serv...

Soffid
3
Addon
Federation

CAS

Federation

Soffid
3
Addon
Federation
Cas

How to deploy the identity & service provider

Federation

Soffid
3
Addon
Federation

Identity Broker

Federation

Soffid
3
Addon
Federation

Web services reference

Federation

Soffid
3
Addon
Federation
WS reference

Connecting Service Providers

Federation

Soffid
3
Addon
Federation

Profiles

Federation

Soffid
3
Addon
Federation
Profiles
SAML
OpenId Connect

Federation members

Federation

Soffid
3
Addon
Federation

Web SSO

Federation

Soffid
3
Addon
Federation

OpenID-Connect

Federation

Soffid
3
Addon
Federation
OpenId Connect

Connecting your custom applications

Federation Connecting Service Providers

Introduction SAML 2.0 is a complex and not easy to implement standard. There are some libraries that can help somewhat, but a correct implementation needs a deep knowledge of SAML protocol, and is always hard to test and debug. To make it easier, Soffid prov...

Soffid
3
Addon
Federation