miniOrange Identity Broker
No need to understand complex SSO Protocols
Easy to perform SSO with any Identity provider
Provides stable, fast and secure 24/7 access to your online service
An identity broker provides an intermediate service to perform single sign-on (SSO) between an identity provider and a service provider. Identity brokering is a way to create a link between providers that follow different protocols. Not every user knows how protocols like SAML, OpenID, OAuth or CAS work and where they can be used; in that case implementing such protocols gets complicated, and it is also expensive and time-consuming.
miniOrange Identity Broker can integrate any type of app following any standard protocol like SAML, OpenID, OAuth or CAS. The Identity Broker service hides all the complexity of these protocols, and the only thing you need to know is how to call an HTTPS endpoint, which is much simpler than understanding all these different standards. miniOrange Identity Broker connects all known SPs and IDPs like ADFS, Okta, Salesforce, SimpleSAMLphp, Shibboleth, PING, RSA, Centrify, OneLogin, miniOrange or any other SSO identities.
It supports Cross Protocol, i.e. you can configure any Service Provider following a particular protocol with an Identity Provider following a different protocol.
No need to understand or implement complex SSO protocols like SAML, OpenID, OpenID Connect, WS-Fed, OAuth, or any other. Instead, you can just call the HTTPS endpoints.
You can configure any IDP of your choice, including Okta, PING, RSA, Centrify, Google, Facebook, LinkedIn and even a customized one.
So, let's see how miniOrange provides its broker services. We have seen that an identity broker provides a platform where we can configure Service Providers and Identity Providers following different protocols. To better understand how the Identity Broker works, we'll consider some examples and see how it goes.
Taking ADFS as our IDP, which supports the SAML protocol, and an external application “Cordova”, we’ll authenticate our mobile application through ADFS using JWT tokens. The miniOrange solution allows you to log in to your mobile app with ADFS.
Using our Identity Broker service, you can configure any OAuth provider for Single Sign-On (SSO) into apps that support other protocols such as SAML, OpenID Connect, JWT, and so on.
You can configure any IDP that supports LDAP, like AD or OpenDS, for single sign-on into apps that don’t support any protocol or that support protocols like OAuth, OpenID Connect, JWT, etc.
Security Assertion Markup Language (SAML) is an XML standard that allows secure web domains to communicate identity and organization information. SAML is a framework for exchanging user authentication and authorization data. Using SAML, a service provider can contact a separate identity provider to authenticate users who are trying to access secure content.
The Identity Provider creates, maintains and manages identity information and provides authentication to other service providers. It issues an authentication assertion in SAML SSO. The Identity Provider can function as both an authentication authority and an attribute authority by including an attribute assertion in the response.
The Service Provider acts as the relying party in SAML SSO: it receives and accepts the authentication and authorization assertion from the identity provider. The Service Provider provides services to principals or other system entities.
The most common use case addressed by SAML is web browser SSO. SAML SSO works by transferring a user's identity from one place (the identity provider) to another (the service provider) by exchanging digitally signed XML documents. Let's assume the user is signed in to an SSO environment that acts as the identity provider and wants to log in to a remote application (the service provider).
SAML SSO will eliminate password issues such as reset and recovery, which will reduce the time to recover old passwords.
With SAML you don't have to maintain separate accounts for multiple services. The identity provider takes on the burden of authentication and authorization.
Without authenticating again, a user can access multiple service providers by signing in just once, which allows a faster and better experience at each service provider.
SAML is a standard format that allows interoperating with any system, independent of implementation. It takes away the common issues associated with vendor- and platform-specific approaches.
SAML does not require maintaining and synchronizing user information between directories.