DotNetNuke Single Sign-On (SSO)
The DotNetNuke is a CMS designed to be adaptable to all types of businesses. Whether you sell products online or not, DotNetNuke helps you manage all different types of your website content. DNN provides a consistent user-interface experience across all administrative fields. Wherever users/managers are updating, editing or creating content, the dashboards are similar, recognizable and easy to navigate.
miniOrange DotNetNuke (DNN) SAML 2.0 Single Sign-On(SSO) acts as a SAML Service Provider which can be configured to establish the trust between the connector and a SAML capable Identity Provider to securely authenticate the users into your application.
The connector uses the SAML protocol for exchanging authentication and authorization data with the Identity Provider.
miniOrange DotNetNuke(DNN) SAML 2.0 Single Sign-On(SSO) Features
- Signing: Choose Signed Response and assertion to determine whether SAML authentication response message is digitally signed by the IDP. You can sign authentication request using signing algorithms like RSA-SHA1, RSA-SHA256, DSA-SHA1 etc. Download the certificate and provide it to Idp so that it can validate the signature.
- Encryption: Choose whether SAML authentication response message is encrypted or not. Encryption algorithms like Triple-DES, RSA etc. can be used to encrypt the SAML assertion.
- SAML Login Binding Types: We support Http-Redirect and Http-Post login binding types.
- Single Logout: We supports SAML SLO. You can logout of all your applications by a single click which will trigger SAML SLO flow by notifying the existing session participants.
- Attribute Mapping: Map users attribute to session variables, which can be retrieved and used at the application endpoint.
- Role Mapping: Assign specific roles to users of a certain group in your IdP.
Why Single Sign-On?
- miniOrange SSO has inbuilt integration with Legacy Apps such as Active Directory , Siteminder, Unix, RADIUS and also comes with support for OpenID, OAuth, SAML, ADFS and WSFED protocols.
- Support for remote Logins such as Radius VPN, Website Protection, ADFS, Windows, Citrix.
- You login to one cloud app and you don't need to authenticate separately to the rest of them.
miniOrange supports both IdP (Identity Provider) and SP (Service Provider) initiated Single Sign On (SSO)
- IdP Initiated Single Sign On (SSO)
In IdP Initiated Login, SAML request is initiated from miniOrange IdP.
- Enduser first authenticates through miniOrange Idp by login in to miniOrange Self Service Console.
- The Enduser will be redirected to their account by clicking the app icon on the Enduser Dashboard - there is no need to login again.
- SP Initiated Single Sign On (SSO)
In SP Initiated Login, SAML request is initiated by service provider.
- An Enduser tries to access their account by going to their app domain.
- They will be redirected to miniOrange Self Service Console.
- Here they can enter the miniOrange login credentials and login to their account.
2 Step Verification (Two Factor)
Risk Based Access
- miniOrange Fraud Prevention product dynamically analyzes user requests and apply business security policies to application access which minimizes the risks of unauthorized access.
- miniOrange Fraud Prevention complements the existing traditional access controls by using contextual elements (e.g. device, location, time of access and user behavior) to allow for a more dynamic policy decision.
You can configure the miniOrange DotNetNuke SAML 2.0 Single Sign-On (SSO) with any Identity Provider such as ADFS, Azure AD, Bitium, Centrify, G Suite, JBoss Keycloak, Okta, OneLogin, Salesforce, AWS Cognito or even with your own custom identity provider.