Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML OASIS standard for exchanging authentication and authorization data between security domains. SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal (usually an end-user) between an identity provider (IdP) and a service provider (SP, usually a web service or cloud application). SAML 2.0 enables web-based authentication and authorization scenarios including Single Sign-On (SSO).
DualShield unified authentication platform includes a Single Sign-On server that is fully compliant to SAML 2.0 standard.
The complete solution consists of the following components:
- DualShield Authentication Server
- DualShield SSO Server (IdP)
- Third-Party SAML 2.0 enabled application (SP)
For a SAML enabled application, such as Google Apps and Salesforce, DualShield Single Sign-On server acts as an identity provider that authenticates users and provides information used to authorize users.
When a user attempts to login to a cloud or web application that is SAML 2.0 enabled and integrated with DualShield SSO, the request is automatically redirected to DualShield SSO. DualShield SSO parses the request, authenticates the user with multi-factor authentications and to an organization’s AD/LDAP directory, and generates a SAML response to the cloud or web application. Once successfully verified, the user is automatically logged in to the application.