Search Results

SCIM protocol provides a language to search and filter resources. Please browse the standard specifications in this link: https://tools.ietf.org/html/rfc7644#section-3.4.2.2 Example To search all users having "John" as name: http://<domain>/webservice/scim...

Installation Download Please download the Soffid SCIM add-on. You can download it at the following link http://www.soffid.com/download/enterprise/  if you have Soffid user with authorization, or in the following http://download.soffid.com/download/ by regis...

Introduction Soffid has implemented a version of the SCIM protocol 2.0. Some optional recommendations have also been included to improve the usage of this specification within the Soffid context. This functionality is available only by installing the SCIM ad...

REST clients Any REST client may be used to test and consume our SCIM REST web service. RESTer In this case, we will show the usage with RESTer, a browser extension available for Chrome and Firefox. This extension may be added from these links: Chrome, Fir...

What is SCIM? SCIM is a standard created to simplify user management in the cloud by defining a schema for representing users and groups with a REST API for all the necessary CRUD operations. This standard could be extended to other resources like accounts, ...

Please note that the SCIM REST Web Service Add-on installed must be installed, please check this part in How to use SCIM in Soffid # Installation Please note that a user with the authentication is required, please check this part in How to use SCIM in Soffid ...

This topic will cover the process to create a two node Maria DB cluster. The cluster will be configured to allow Soffid console to use either database node, which in turn will replicate data changes to the other one. Node 1 action Node 2 acti...

Description An entity group is just like a folder that allows you to manage different kinds of federation members. One of the most common ways to group federation members is by trust level. When you create an entity group, the Identity Providers and the Serv...

Definition A single identity provider usually offers different profiles or service levels to diffeferent service provider. To be able to define this behavior, any Identity Provider can be split into many virtual identity providers. Those identity providers wi...

Introduction Security Assertion Markup Language is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. It is an identity federation protocol, born in 2...

Introduction OpenID is an open standard and decentralized authentication protocol.  It allows users to be authenticated by cooperating sites (known as relying parties, or RP) using a third-party service, eliminating the need for webmasters to provide their ...

Introduction To configure the Web SSO you must complete the next steps 1. Attribute definition: add the necessary attributes if they are not in the list. 2. Attribute sharing policies: define the proper attribute sharing policies to determine which attrib...

Description Soffid Identity Federation addon helps administrators to manage an Identity Federation. With Soffid you can manage the whole federation security configuration, increasing the security while reducing the federation management costs. Soffid can also...

Definition The Identity Provider will serve the OpenID-Connect protocol. It is possible to accept the default endpoints or modify them. You can check the server features visiting https://<YOUR-IdP>/.well-known/openid-configuration. That JSON gives you inform...

Definition Based on SAML version 1 standard. This profile is used when the Service Provider wants to resolve or check a received assertion. Screen overview Standard attributes Class: class name (readOnly field). Enabled: if it is checked (selected opt...

Introduction OpenID-Connect has a clear design suitable for both frontend and backend. SAML has a clear design for the frontend, but the backend usage is harder as the security in SAML cannot be placed at transport layer. Instead, in must be placed at docume...

Definition This operation allows to validate the user domain and return the IDP ower of the user. URL <console-domain>/webservice/federation/rest/validate-domain Method POST Headers Accept = “application/json” Content-Type = “application/...

Definition This operation allows to validate the credentials of the user against Soffid. URL <console-domain>/webservice/federation/rest/validate-credentials Method POST Headers Accept = “application/json” Content-Type =...

Definition This operation allows to close a session created by either validate-credentials or parse-saml-response. If you want to get real global logout, this method invocation is not enough. You should also use the generate-saml-logout-request method. ...