Secure Mobile Access 12.4 Administration Guide

Using Your SMA Appliance as a SAML Identity Provider

With Secure Mobile Access 12.4, your SMA appliance can become an on-box SAML Identity Provider (IdP), improving security for customers using cloud-based applications such as Salesforce or Office365.

The Secure Mobile Access appliance can:

  • Behave as an Identity Provider

  • Support web browser SSO profiles

  • Support HTTP POST/Redirect Binding for SAML requests

A SAML IdP provides user information (after authentication) to other applications using the SAML protocol. These applications can be configured to trust an Identity Provider for the authentication of their users. After the IdP has authenticated users’ credentials, it redirects the users to the application, passing along any required user attributes, such as an email address or user name. Having your applications configured to trust an IdP can eliminate the need for users to log in to each application individually when they access it.
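When a service provider's request is not accepted by the IdP, it helps to decode the `SAMLRequest` value and check which Issuer and Assertion Consumer Service URL the application actually sent. The following is an added example, not code from the appliance or this guide: it decodes a SAML 2.0 AuthnRequest under both bindings listed above (POST is base64 of the XML; Redirect is base64 of raw-DEFLATE-compressed XML, URL-encoded). The function names, host names and sample request are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlparse, parse_qs, quote

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
MAX_XML = 64 * 1024  # cap on inflated size, guards against compression bombs

def decode_saml_request(value, binding):
    """Return ID, Issuer and ACS URL from a SAMLRequest parameter value."""
    raw = base64.b64decode(value, validate=True)
    if binding == "redirect":
        # Redirect binding: the XML is raw-DEFLATE compressed before base64.
        inflater = zlib.decompressobj(-15)
        raw = inflater.decompress(raw, MAX_XML)
        if inflater.unconsumed_tail:
            raise ValueError("inflated request exceeds size cap")
    elif binding != "post":
        raise ValueError("binding must be 'post' or 'redirect'")
    # A SAML message never needs a DTD; refuse it before parsing.
    if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:
        raise ValueError("DTD present; refusing to parse")
    root = ET.fromstring(raw)
    if root.tag != "{%s}AuthnRequest" % NS["samlp"]:
        raise ValueError("not a SAML 2.0 AuthnRequest")
    issuer = root.find("saml:Issuer", NS)
    text = issuer.text.strip() if issuer is not None and issuer.text else None
    return {"id": root.get("ID"), "issuer": text,
            "acs_url": root.get("AssertionConsumerServiceURL")}

def from_redirect_url(url):
    """Extract SAMLRequest from a Redirect-binding URL and decode it."""
    params = parse_qs(urlparse(url).query)
    return decode_saml_request(params["SAMLRequest"][0], "redirect")

# Constructed sample request (not captured from a real SP or appliance).
SAMPLE_XML = (
    b'<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed1" '
    b'Version="2.0" IssueInstant="2024-01-01T00:00:00Z" '
    b'AssertionConsumerServiceURL="https://sp.example.com/acs">'
    b'<saml:Issuer>https://sp.example.com/metadata</saml:Issuer>'
    b'</samlp:AuthnRequest>')

def sample_post_value():
    return base64.b64encode(SAMPLE_XML).decode()

def sample_redirect_url():
    deflater = zlib.compressobj(9, zlib.DEFLATED, -15)
    packed = deflater.compress(SAMPLE_XML) + deflater.flush()
    return ("https://idp.example.com/sso?SAMLRequest="
            + quote(base64.b64encode(packed), safe=""))
```

Compare the decoded Issuer and ACS URL with the values configured for that service provider; a mismatch in either is a common reason for a rejected request.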

SAML authentication is supported on Tunnel clients (Connect Tunnel and Mobile Connect Tunnel). Enable the clients to authenticate against third-party SAML IdP servers. For more details, refer to the respective Connect Tunnel Client User Guide.

You can also configure external SAML Service Providers as resources. You should configure each service provider as a separate SAML Service Provider resource. See Adding Resources for more information.
