Single Sign-On (SSO) centralizes authentication by designating an Identity Provider (IdP) tasked with processing login requests from authorized, SSO-enabled applications that are referred to as Service Providers (SPs). Users authenticate into integrated services (SPs) using a single account orchestrated by the IdP, reducing the growth of unnecessary credentials.
Spirion’s Sensitive Data Manager (SDM) Console supports SSO and comes configured by default to function as an SP for federated authentication using SAML 2.0. It is initially set for Microsoft’s Active Directory Federation Services (ADFS) as the IdP, though alternative Identity Providers can be configured as well.
Ping Identity’s PingOne, for example, is a cloud-hosted identity and access management solution that can be configured to facilitate federated SSO as an IdP for both on-prem and cloud applications.
Requirements
Before working through the steps outlined in the data sheet below, please confirm the following:
- The latest SDM console is accessible.
- HTTPS routing has been enabled for the SDM console.
- A PingOne tenant is available for configuration.
- For each active “role” used in the SDM console, a corresponding “group” must be identified for association from the IdP user directory.
  - For example, the “Administrator” default role in SDM should have a corresponding user group such as “Spirion Admin” assigned to the relevant user(s) for proper authentication.
Spirion Products: Sensitive Data Manager Only
Released: 07/15/2024
Files: Data sheet: Single Sign-On for the SDM Console with PingOne Cloud IdP