2018-06-26
1.2.1
Telmo Martins
All
All
Connectors
[Overview]
IdP Server is a generic federated identity provider (IdP). It authenticates any user from an SP client. With this component, when users access a web portal with single sign-on from an SP client, they are redirected to a web page of this component (known as the enterprise's login manager), where they are prompted to enter their enterprise user name and password. Upon verification of the user's credentials, the component informs the SP client of the verified identity of the user who is logging in, and the user is redirected back to the end user portal website. The IdP server supports the SAML 2.0 protocol. It also supports APIs for authentication (through SAML 2.0 messages) for any mobile app (OutSystems mobile apps no longer require InApp browser plugins alongside this IdP server). Tested with some SP clients such as IdP connector and SimpleSAML.
[Detail]
Feature List
Supports SAML 2.0 HTTP-POST and HTTP-Redirect bindings
Supports SOAP binding for a logout initiated by the IdP server (the most common use of the SOAP binding) and for a logout initiated by the SP
Supports multiple IdP Issuers/Entities (in most scenarios there is no need to configure more than one IdP Issuer/Entity)
Supports signed Authn Requests
Allows admin users to kill SAML sessions from the admin BackOffice
Export of the IdP XML metadata file to provide to SP clients
Import of an SP XML metadata file to auto-configure an SP client
Automatically generates a KeyStore with a self-signed certificate and RSA keys (useful for dev/test environments)
Easily extended, namely to add more claims, according to business needs
Note: if you have this component alongside IdP connector on the same OS server/environment, you must not use the same UserProvider for both.