Technical and Access Requirements

The Single Sign-On Connector has been developed using SAML 2.0 Standards. The Single Sign-On Connector is installed by default and does not require a separate license.

Before you start

Before you configure the Single Sign-On Connector it is recommended that you highlight the Single Sign-On Connector and select the button in the toolbar to ensure the connector is installed correctly. See Testing Connectors for details on how to do this.

We advise you to disable IIS Windows Authentication and ASM Integrated Security to ensure a consistent user experience.

The examples use Microsoft Active Directory Federation Services (ADFS). However, other Federated Identity Providers are supported as long as they adhere to SAML 2.0 standards.

The following Identity Providers have been certified by Alemba®:

  • Active Directory Federation Services

  • ADFS Proxy

  • Azure ADFS

  • Azure Premium is recommended if you want to be able to modify the Identity Provider Claim Rules.

  • Ping Federate

When a web request is received using a URL which has a configured Service Provider, that request will be authenticated using SSO, irrespective of other authentication settings.

Supported Interfaces

Single Sign-On is supported for the following ASM Interfaces:

ASM Interface

SSO Supported

ASM Core

YES

ASM Core Portal

YES

ASM Nano

YES

The Single Sign-On Connector supports Azure Multi-Factor authentication, further details can be found in the topic on Azure Multi-factor Authentication.

Copyright 2023 Alemba, ASM EOS 10.4