Windows Authentication

Windows Auth Single Sign-On

Windows authentication is a commonly used authentication mechanism, EmpowerID provides you the ability to log in to EmpowerID using Windows credentials. If you do have users who are already part of a network domain, you can leverage the windows authentication single sign-on to provide access to all participating applications in EmpowerID. Windows authentication is provided as a Security Assertion Markup Language (SAML) exchange identity provider in EmpowerID.

By using Windows SSO in EmpowerID your users can gain simple one-click access to all their applications with a single set of credentials. A complete tutorial to set up Windows Auth for SSO is provided here Windows Auth.

Remote Windows Identity Provider

Not just single sign-on, EmpowerID allows organizations to extend authentication to partner organizations without requiring that partner to have a Federation server or be licensed to use EmpowerID. Remote Windows Identity Provider (IdP) is a lightweight component that can be installed on a remote IIS server in AD domains where EmpowerID is not installed. Once the component has been installed, the authenticates them against their on-premise Active Directory and securely transfers the SAML claim to EmpowerID for authentication purposes.

Remote IdP is an important tool to manage security with partners by building them a hassle-free and trusted mechanism for authentication. Remote Windows Identity Provider provides detailed information about this component of EmpowerID.

  • For users to log in to EmpowerID using their Windows credentials, they must have user accounts either in the domain being protected by EmpowerID or in a domain trusted by that domain.

  • EmpowerID provides Remote Windows Identity Provider, a tool that allows organizations to extend authentication to partner organizations without requiring that partner to have a Federation server or be licensed to use EmpowerID.

 

Related Docs Topics:

Windows Auth

Remote Windows Identity Provider