Advanced Search
Search Results
78 total results found
Soffid IdP as an identity broker
Introduction An Identity Broker is often part of a a Single Sign-On Architecture as an an intermediary service that connects multiple Service Providers with different Identity Provider (IDP)s. Soffid IdP can act as an identity broker. This means that So...
CAS Example
Service Provider
SCIM Entity Group examples
Operations This page shows the functions that can be performed for the Entity Group object. List all Request GET http://<your-domain>/soffid/webservice/scim2/v1/EntityGroup Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2...
OpenID-Connect architecture
Introduction OpenID is based on the well known protocol. It is easier to implement and deploy, as it does not require digital signature or encryption. The drawback is that it is significantly less secure. For example, the single logout protocol is not finish...
SAML architecture
Introduction SAML is the most complete, secure, and mature solution to get identity federation. SAML defines three main kinds of servers: Federation metadata server. Publishes information about the federation members, its protocols, and capabilities. Any f...
How to perform unsolicited login
Soffid Identity Provider supports unsolicited login (Idp initiated login) profile. In order to enable it, you must be sure that federation metadata for the target service provider allows it. It is configured using the AuthnRequestsSigned attribute of the SPS...
CAS
Definition Cas protocol is rarely used. Screen overview Standard attributes Class: class name (readOnly field). Enabled: if it is checked (the selected option is Yes) that protocol will be enabled.
Radius
Definition Networking protocol that authorizes and authenticates users who access a remote network. Screen overview Standard attributes Class: class name (readOnly field). Enabled: if it is checked (selected option is Yes) that protocol will be enable...
Radius (Remote Authentication Dial-In User Service)
Introduction The Radius protocol (Remote Authentication Dial-In User Service) is a networking protocol that authorizes and authenticates users who access a remote network. https://es.wikipedia.org/wiki/RADIUS
OpenID-Connect example
Identity Provider Service Provider
External oAuth / OpenID Identity Providers
Introduction Soffid federation can be composed by a mix of SAML and oAuth / OpenID-connect servers. In such a scenario, Soffid IdP is able to let users be identified by oAuth servers like Linked-in, Google or Facebook, perform all the provision tasks requir...
CAS architecture
Introduction The CAS is a Single Sign On protocol for the web. This protocol allows users to access multiple applications by providing their credentials. The response will be a JSON or XML Single Log-in The single log-in is usually initiated by the appl...
Profiles
Description A profile is a protocol or subset of protocols implemented by the Identity Provider. There are some accepted protocols, those allows a custom config dependent on the selected profile. The accepted protocols are the following: 1. OpenIDProfile 2...
CAS (Central Authentication Service)
Introduction The CAS protocol is a simple and powerful ticket-based protocol. It involves one or many clients and one server. Clients are embedded in CASified applications (called “CAS services”) whereas the CAS server is a standalone component. The Cas ...
SAML2ECPProfile
Definition The Enhanced Client Profile is used when the Service Provider is not a web application. Nowadays, it is rarely used, as most mobile applications have shifted to OAuth or OpenIDConnect. When you are configuring the profile, you could define what da...
SAML1AttributeQueryProfile
Definition Based on SAML version 1 standard. This profile is used when the SSOProfile does not include attributes statements in the assertion. This profile allows to the applications request user data. When you are configuring the profile, you could define w...
SAML2ArtifactResolutionProfile
Definition Based on SAML version 1 standard. This profile is used when the Service Provider wants to resolve or check a received assertion. The profile configuration settings are quite similar to those present in SAML2SSOProfile. When you are configuring the...
SAML2SSOProfile
Definition This is the most commonly used SAML profile. It allows the IdP to identify users and to give such information to Service Providers. This profile is used to log in. When you are configuring the profile, you could define what data will be encrypted ...
SAML2AttributeQueryProfile
Definition Based on SAML version 1 standard. This profile is used when the SSOProfile does not include attributes statements in the assertion. This profile allows to the applications request user data. When you are configuring the profile, you could define w...
SCIM Federation Members examples
Operations This page shows the functions that can be performed for the Federation Member object. List all Request GET http://<your-domain>/soffid/webservice/scim2/v1/FederationMember Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:...