Fortinet Document Library


Handbook


SAML and SSO

Web Single Sign-On (SSO) is an approach that provides a single sign-on across multiple web applications that have established a common agreement on how to exchange user information. End users provide their credentials only once and are recognized by all of the web applications, even if they are deployed in different domains and use different identity stores. Web SSO also allows all of the web applications to use a single identity store.

Security Assertion Markup Language (SAML) defines an XML-based framework for describing and exchanging security information among online business entities. It is the most popular protocol for implementing Web SSO.

The SAML protocol has two components: the Service Provider (SP) and the Identity Provider (IDP). They talk to each other using XML in the SAML-defined format and deliver the identity information, called an Authentication Assertion.

FortiADC supports SAML 2.0, which offers the following benefits:

  • Provides support for service provider (SP) and Identity Provider (IDP) Metadata
  • Provides single sign-on (SSO) experience for all virtual server resources linked with the user log-in

Functioning as an SP, FortiADC supports the following IDPs:

  • FortiAuthenticator (Factory default)
  • Shibboleth
  • OpenAM/OpenSSO
