Skip to end of banner
Go to start of banner

Windows Authentication

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Current »

Windows Auth Single Sign-On

Windows authentication is a commonly used authentication mechanism, EmpowerID provides you the ability to log in to EmpowerID using Windows credentials. If you do have users who are already part of a network domain, you can leverage the windows authentication single sign-on to provide access to all participating applications in EmpowerID. Windows authentication is provided as a Security Assertion Markup Language (SAML) exchange identity provider in EmpowerID.

By using Windows SSO in EmpowerID your users can gain simple one-click access to all their applications with a single set of credentials. A complete tutorial to set up Windows Auth for SSO is provided here Windows Auth.

Remote Windows Identity Provider

Not just single sign-on, EmpowerID allows organizations to extend authentication to partner organizations without requiring that partner to have a Federation server or be licensed to use EmpowerID. Remote Windows Identity Provider (IdP) is a lightweight component that can be installed on a remote IIS server in AD domains where EmpowerID is not installed. Once the component has been installed, the authenticates them against their on-premise Active Directory and securely transfers the SAML claim to EmpowerID for authentication purposes.

Remote IdP is an important tool to manage security with partners by building them a hassle-free and trusted mechanism for authentication. Remote Windows Identity Provider provides detailed information about this component of EmpowerID.

  • For users to log in to EmpowerID using their Windows credentials, they must have user accounts either in the domain being protected by EmpowerID or in a domain trusted by that domain.

  • EmpowerID provides Remote Windows Identity Provider, a tool that allows organizations to extend authentication to partner organizations without requiring that partner to have a Federation server or be licensed to use EmpowerID.

  • No labels