Managing digital access across different platforms and systems has become increasingly complex for many organisations. In a recent fireside chat hosted by Overt Software Solutions, the discussion focused on SAAM (Shibboleth Azure AD / ADFS Module), a bridging solution developed to unify and secure authentication across academic and enterprise environments. This blog captures the key insights from the session, which was recorded on 9 May 2025.

What Are the Key Benefits of Integrating Shibboleth with Azure AD/ADFS through SAAM?

One of the central discussions during the session was around the integration of Shibboleth with Entra ID (formerly Azure AD) via SAAM. This integration simplifies access control, enhances security, and improves regulatory compliance.

A major highlight is the ability to incorporate Entra MFA into existing login workflows. This brings a much-needed extra layer of security without disrupting the user experience. Users benefit from a single authentication process while organisations maintain robust protection for their digital resources. With SAAM, security is strengthened without introducing additional complexity.

How Does SAAM Facilitate Seamless Single Sign-On for Users Across Academic and Enterprise Environments?

SAAM operates as a bridge between traditional SAML-based authentication (used by Shibboleth) and the Entra ID ecosystem. This allows for seamless single sign-on (SSO) by translating authentication protocols into a unified experience.

Before implementing SAAM, organisations often have disjointed login experiences. For example, users may need to authenticate separately to Office 365 and other institutional systems. After adopting SAAM, all services align under a single Entra ID login, streamlining the authentication process. This consistency not only reduces login fatigue but also lowers helpdesk calls related to password resets.

What Challenges Do Organisations Face When Using Separate Access Management Systems, and How Does SAAM Address These Issues?

When institutions use multiple access management systems, the result is often an inconsistent user experience and fragmented security controls. Users encounter different login pages depending on the service, which can cause confusion and erode trust.

SAAM addresses this by standardising the login interface across all services. It replaces fragmented authentication methods with a single, secure Entra ID login page. Beyond user experience, SAAM also closes security gaps by enabling conditional access policies, multi-factor authentication, and compliance with Microsoft security standards. This approach reduces the likelihood of authentication failures and unauthorised access.

Can You Share Some Hypothetical Scenarios Where SAAM Has Significantly Improved Collaboration Between Institutions?

The fireside chat included practical scenarios illustrating SAAM in action. One involved a consortium of universities collaborating on an artificial intelligence research project. Initially, researchers faced issues due to disparate login systems, which slowed down access and compliance efforts. By introducing SAAM, users could authenticate using their home institution credentials, while gaining access to shared resources through a unified system. This streamlined collaboration and ensured compliance with each university's security policies.

Another example featured a partnership between a hospital network and a university research team. With strict data privacy requirements such as HIPAA and GDPR, the institutions needed a way to manage access securely. SAAM enabled hospital staff to use their existing credentials to access research tools. Features like role-based access control (RBAC) and conditional access helped maintain data integrity and auditability.

What Considerations Should Organisations Keep in Mind When Transitioning to SAAM from Their Existing Access Management Systems?

Transitioning to a new system is always a sensitive process. Organisations should plan for potential downtime and user impact. In environments with load-balanced servers, the SAAM bridge can be tested on a non-active node before going live. For those without such infrastructure, scheduling work during off-peak hours is crucial.

Training is another key element. Someone within the organisation must configure a non-gallery application in Entra ID to support the SAAM setup. Staff involved in access management will also need training to understand SAAM configuration and usage. With these considerations addressed, the transition can be smooth and minimally disruptive.

How Does SAAM Support Compliance with Regulatory Requirements in Different Sectors?

Compliance is a major concern, particularly in sectors like healthcare and education. SAAM supports this by implementing strict security controls and audit mechanisms that align with legal frameworks such as HIPAA and GDPR.

Centralised logging, RBAC, and support for multi-factor authentication are key features that help organisations meet regulatory standards. These mechanisms ensure that user actions can be tracked and access can be limited based on roles, providing a secure and compliant environment for sensitive data.

Fireside Chat Q&A: Audience Questions

The session concluded with a live Q&A, where audience members posed questions around SAAM's capabilities.

One common query was about the number of Identity Providers (IdPs) that SAAM can support. There is no strict limit, though system resources and the complexity of each IdP setup may affect performance. SAAM is flexible and can accommodate multiple upstream IdPs as required.

Another question focused on whether SAAM could bridge to IdPs other than Entra ID, such as Ping Identity. SAAM's design primarily focuses on bridging to Entra ID as the destination. While it can accept upstream IdPs like Ping or ADFS, its purpose is not to act as a general SAML proxy, but to facilitate secure access to Microsoft environments.

The Key Takeaways

The fireside chat offered a detailed look into the challenges and solutions in access management today. SAAM stands out as a bridging tool that not only simplifies login processes but also enhances security, user experience, and compliance.

If you missed the live session, you can still catch the replay on our YouTube channel. Grab our 20 percent discount by watching the replay and following the link in the video description. Hit the button and learn more about how SAAM could align with your organisation's access management goals.

