OATH Event, Time and Challenge -based
RCDevs Single Sign-On Solution
RCDevs provides a Web SSO Identity Provider application (IdP) which supports both the OpenID-Connect and SAMLv2 standards. The SSO application is a WebADM WebApp. OpenID-Connect is an open standard where users can log into OpenID-enabled websites using a completely decentralized authentication system. SAML is another federation protocol which is generally used to implement single sign-on to corporate Web sites and applications. RCDevs OpenID / SAML Identity Provider works with both OpenOTP and TiQR authentication back-ends. With TiQR, your users will authenticate by simply scanning a QRCode on the login page. The RCDevs SSO solution supports PKI-based authentication too (with client certificates).
When users enter a website with SSO, a security association is established between the website, the user and the identity provider. The user is redirected to the identity provider for a trusted authentication process.
Compared to other OpenID and SAML implementations, the RCDevs’ SSO solution is very easy to implement: Provided that you already have a working WebADM server with OpenOTP and/or TiQR, the setup just consists in adding the OpenID/SAML WebApp in WebADM. With OpenID, you need to configure a the client id and secrets in the application configuration. Please read included documentation or contact RCDevs for implementation details.
RCDevs SSO login can use One-Time Password technologies (OTP), Universal Second Factor (U2F), QRCode login (TiQR) and even client certificates
RCDevs OpenID IdP supports all the commonly used single-sign-on protocols:
- SAML v2 with SSO Login and SSO Lougout
- OpenID v1.1 & v2.0 is deprecated and has been removed
RCDevs SAML supports two working modes: POST redirects where the service provider application redirects the users to the identity provider and an IdP-initiated login mode where the users log on the identity provider portal first. In this second mode the SSO portal proposes a list of Cloud applications. The user clicks the application’s icon (SalesForce, SugarCRM Cloud or even Citrix meeting services) to log on the target application.
MAIN KEY FEATURES
Check OpenOTP and TiQR products for more features
- Supports SAML 2.0 AuthnRequests and logoutRequests
- Supports IdP-initiated SAML requests for Cloud SSO
- Returns group memberships and configurable user attributes
- Very easy configuration for corporate SAML with metadata URL
- Supports OpenID-Connect and OAuth2
- Supports OpenID user profile scopes
- Uses all RCDevs authentication backends (OTP, U2F, TiQR)
- Supports OTP with OATH, MobileOTP, SMSOTP, MailOTP, Yubikey
- Supports full PKI authentication with client certificates