Banner Default Image

SAML Authentication

What is SAML Authentication?

SAML Authentication is a method of identity verification that leverages an identity provider to authenticate users centrally to a broad range of unaffiliated websites. By relaying the authentication process to a single trusted identity provider, organizations realize numerous security, administration and cost savings benefits, and above all, relieve users of the need to maintain dozens of different usernames and passwords.

Created by the OASIS non-profit consortium, SAML, or the security assertion markup language, is an open-source XML standard, or protocol, for exchanging authentication and authorization information between an identity provider, such as SafeNet Trusted Access, and a relying party or service provider, meaning a cloud or web app, such as such as Office 365, Salesforce, AWS, Zendesk, DropBox etc.

Token-based authentication, security token services, federated authentication and identity federation are all terms that describe the capabilities that a SAML identity provider offers.

How does SAML Authentication Work?

1. With SAML authentication, each time a user accesses an app, the authentication process is relayed to the SAML identity provider.
2. The user enters their credentials (e.g. password, OTP, contextual attributes), which are then verified by the identity provider.
3. The identity provider returns an access or reject response in the form of a SAML assertion. If authentication is successful, the user is granted access to the resource, and if not, access is denied.

SAML Authentication

 

What is the User Experience with SAML Authentication?

1. A user accesses an app, and is redirected to the identity provider for authentication.
2. They enter their credentials into the login portal.
3. Upon successful authentication, they are logged in to the resource.

 

Benefits of SAML Authentication in the Enterprise

  • A single user identity for all resources
  • 20% lower help desk costs
  • Reduced risk of a data breach
  • Single pane management of apps and identities

Why SafeNet Trusted Access for SAML Authentication?

SAMLEach cloud and web application works with a different set of SAML attributes, which may include one or more of various fields such as User ID, email address, group membership, postal address, alias and others. Therefore, in order to successfully integrate a central SAML identity provider with a cloud or web app, the identity provider must be able to provide these details in the SAML assertion.

SafeNet Trusted Access makes it a breeze to apply single sign on using SAML authentication, as it offers a catalogue of pre-integrated applications. Just add the cloud or web app that you already use today, and start applying Smart Single Sign-On with business-driven access policies.

Access Management Risk Assessment Tool

Access Management Risk Assessment Tool

How are you securing your cloud apps? Learn where you are in your cloud adoption journey and how best to secure your apps simply and securely.

How To Set Up An Identity Provider In Minutes For Single Sign-On

webinar image

Extending Access Management and Single Sign-On to Microsoft AD FS

Organizations are in various stages of moving to the cloud. For those still using AD FS, applying conditional access and the appropriate authentication method is a natural way of applying next generation access management capabilities to their existing environment. Learn how Smart Single Sign On extends the capabilities of regular federation frameworks and how to benefit from adaptive authentication and conditional access while using AD FS.

Access Management Handbook – eBook

Access Management Handbook – eBook

Over the years, you may have heard a lot about access management. In fact, we tended to use the terms “authentication” and “access management” pretty much to mean the same thing. But in fact there are differences between the two. While authentication validates a user’s...

5-things-to-check-image

Best Practices for Securing Office 365 with Access Management

A record number of organizations are moving to Office 365. While offering cloud efficiencies, this move can make organizations more vulnerable to phishing attacks, credential compromise and ultimate data breaches. Learn how to secure O365 at the access point with the appropriate authentication method.