Ask or search…
K

Feature Overview

Explore SAML SSO fundamentals and benefits with ADFS on EnGenius Cloud

SAML SSO Intro

SAML (Security Assertion Markup Language) is a protocol for authentication and authorization that allows users to securely access multiple applications with a single set of credentials. It strengthen security and simplify the sign-in process that makes organizations easier to deploy SSO (Single Sign-On) across their systems or applications.
The feature integrates SAML SSO with ADFS to streamline user authentication across different services that an organization uses.
At its core, SAML involves three participants:
  • The User - This is the individual trying to access a service (the EnGenius Cloud).
  • The Identity Provider (IdP) - This is the trusted entity that verifies the user's credentials, like usernames and passwords, and any associated groups or attributes. It's usually a login portal.In this context, is the ADFS
  • The Service Provider (SP) - This is the service or application the user is trying to use, which, in this context, is the EnGenius Cloud.

Use Cases of SAML SSO with ADFS

  1. 1.
    Centralized Authentication for Corporate Applications:
    • SAML SSO with ADFS enables employees to access various enterprise applications, including HR systems, email, and CRM tools, using a single credential set, reducing the necessity for multiple usernames and passwords.
  2. 2.
    Integrating with Cloud Services:
    • Using SAML SSO with ADFS streamlines employee access to cloud services like Microsoft Office 365, Salesforce, and third-party cloud platforms, ensuring secure and user-friendly authentication.

SAML Login Options

EnGenius Cloud provides two SAML login options with ADFS integration: IdP-Initiated and SP-Initiated. The choice depends on your administrators' preferred user experience and your business's IdP protocols. Both methods are compatible and can be used together. This article explains the SAML setup compatible with both IdP-Initiated and SP-Initiated SAML.

IdP-Initiated SAML

IdP-Initiated SAML is ideal for organizations with a standard login portal for app and service access. This guide outlines the fundamental setup for the IdP-Initiated SAML with ADFS.

User Flow for IdP-Initiated SAML:

  1. 1.
    Log in through the ADFS portal
  2. 2.
    Choose the desired service (such as the EnGenius Cloud)
  3. 3.
    User authentication by ADFS
  4. 4.
    Get redirected to the EnGenius Cloud
IdP-Initiated SAML

SP-Initiated SAML

Choose SP-Initiated SAML for direct login via the EnGenius Cloud (SSO URL), especially if you don't use a separate login portal.

SP-Initiated SAML User Flow:

  1. 1.
    Begin at the EnGenius Cloud (SSO URL)
  2. 2.
    Get redirected to your IdP (ADFS login portal)
  3. 3.
    Choose the desired service (such as the EnGenius Cloud)
  4. 4.
    User authentication by ADFS
  5. 5.
    Get redirected to the EnGenius Cloud
SP-Initiated SAML
EnGenius Cloud SSO URL
The EnGenius Cloud SSO URL, customizable for easy recall via the MSP Portal GUI, links to and redirects users to the specific IdP's login portal.