You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.
Single Sign-On
Standards-Based Federation Server
EmpowerID is a Cloud Single Sign-On and Identity Federation platform that supports all major identity protocols including OpenID Connect and SAML. EmpowerID’s Federation server acts as a flexible authentication hub designed to work with any Identity Provider (IdP) and easily connect users with SaaS and even homegrown applications. It enables users to sign-in once in any trusted source (Active Directory, Google, Facebook, Office 365, etc.) to gain access to all participating applications. The EmpowerID Federation server also supports your mobile and microservice application developers with an integrated Security Token Service (STS) and OAuth Server supporting the latest standards and offering an easy to use API.
SSO Application Dashboard
With a single set of credentials users gain simple one-click access to all their applications in the Cloud and on-premise from any of their devices. Users sign into their personalized web portal with existing credentials to access assigned business apps with one click. Simple, easy to use SSO is a first step in building trusted experiences for your workforce, customers, and partners. EmpowerID’s policy-driven adaptive multi-factor authentication ensures that only authorized users get access to sensitive data. Friendly self-service interfaces empower users to claim their accounts, register for new accounts and use a simple click-to-authenticate process to access all on-premise and Cloud applications. SSO, using Web Access Management or password vaulting are transparent to users, who only need to input one username and password at one screen for access to all their applications.
Social Login
EmpowerID allows users to login using their Social Media credentials from services such as Twitter, LinkedIn, Facebook, Google+, or almost any other social media provider. Implementing Social login with EmpowerID is easy and provides a friction-free sign-up and sign-in processes for customers and partners.
Active Directory Integration
Single sign-on to web applications is seamless for corporate users who have already been authenticated with their Windows domain. Internal employees are automatically logged in to web applications based on their trusted Windows login. Partners can be provided with the same capability allowing them to use their own corporate credentials without requiring complicated federation connections. EmpowerID provides a lightweight authentication utility that integrates Active Directory with no need to install EmpowerID on remote networks.
Integrate with Existing Systems
Many organizations already have an SSO infrastructure in place, so the ability to integrate with these systems is key. EmpowerID's broad support for federation standards makes it easy to integrate with existing SSO solutions such as Microsoft ADFS, Ping, Okta, OneLogin and others. The seamless integration allows users an uninterrupted SSO experience regardless of which identity they select for authentication or application to which they wish to login.
In EmpowerID, Multi-factor authentication (MFA) is a flexible, configurable points-based system that lets you define trust points for objects in EmpowerID and provide a target point number required to authenticate to EmpowerID, and to access any third-party applications secured by EmpowerID.
Getting Started
Overview of EmpowerID Federation
Configuring SSO Connections