Security Assertion Markup Language (SAML) is a standard protocol for web browser Single Sign-On (SSO) using secure tokens. SAML completely eliminates all passwords and instead uses standard cryptography and digital signatures to pass a secure sign-in token from an identity provider to a SaaS application. If you are an IT administrator, SAML can help you securely eliminate passwords and deploy applications much faster. If you are an application vendor, SAML can help you secure your application, reduce development costs and reach greater and faster adoption.
SAML is an XML-based open standard and the product of the OASIS Security Services Technical Committee. The vast majority of common SaaS vendors, such as Salesforce, Google and Microsoft already support SAML as a way to secure user logins and enable IT to roll out application access faster and more securely. In addition, it is easy to SAML-enable internal or custom web apps in as little as a few hours using one of OneLogin’s open source SAML Toolkits. SAML-enabling apps using other vendors can cost hundreds of thousands of dollars a year in fees, but is free as part of the OneLogin community.
SAML uses secure tokens which are digitally signed and encrypted messages with authentication and authorization data, such as a user’s email and company role. These tokens are passed from an identity provider to a cloud application with an established trust relationship. The standards-based nature of SAML delivers interoperability across identity providers and a common way for apps to sign-in users based on trusted information without managing credentials.
If you don’t have a password for an app, you can’t be tricked into entering it on a fake login page.
Streamlined, one-click access from portals or the intranet, deep linking, password elimination, and automatically renewing sessions make life easier for the user. One browser redirect is all it takes to securely sign a user into an application.
SAML simplifies life for IT because it centralizes authentication, provides greater visibility and makes directory integration easier. These are some of the reasons why enterprises love SAML. And if you’re a B2B cloud vendor, you should support it, too. SAML-based applications work perfectly with OneLogin’s Zero-Config Active Directory Connector, which allows users to sign into applications with their Windows credentials.
Thousands of security-conscious SaaS vendors have leveraged OneLogin’s free, open-source SAML toolkits to give their customers cloud-based identity management with SSO, directory integration, and MFA.
OneLogin is pre-integrated via SAML with a wide range of enterprise applications, such as Salesforce, WebEx, Workday, Google Apps, AtTask, LotusLive, OpenAir, Yammer, Zendesk, just to name a few.
OneLogin is pre-integrated with thousands of apps so can you get single sign-on for everything you use.
No implementation costs.
No start-up fees.