Technical and Access Requirements
The Single Sign-On Connector has been developed using SAML 2.0 Standards. The Single Sign-On Connector is installed by default and does not require a separate license.
Before you start
Before you configure the Single Sign-On Connector it is recommended that you highlight the Single Sign-On Connector and select the button in the toolbar to ensure the connector is installed correctly. See Testing Connectors for details on how to do this.
We advise you to disable IIS Windows Authentication and ASM Integrated Security to ensure a consistent user experience.
The examples use Microsoft Active Directory Federation Services (ADFS). However, other Federated Identity Providers are supported as long as they adhere to SAML 2.0 standards.
The following Identity Providers have been certified by Alemba®:
Active Directory Federation Services
ADFS Proxy
Azure ADFS
Azure Premium is recommended if you want to be able to modify the Identity Provider Claim Rules.
Ping Federate
When a web request is received using a URL which has a configured Service Provider, that request will be authenticated using SSO, irrespective of other authentication settings.
Supported Interfaces
Single Sign-On is supported for the following ASM Interfaces:
ASM Interface | SSO Supported |
ASM Core | YES |
ASM Core Portal | YES |
ASM Nano | YES |
The Single Sign-On Connector supports Azure Multi-Factor authentication, further details can be found in the topic on Azure Multi-factor Authentication.