Do you currently use Shibboleth and Azure AD or ADFS?
Are your users having to login multiple times to different SSO systems, defeating the object of "Single Sign On"?
Wouldn't you love to have one login for users, instead of having to log in to Shibboleth and Azure AD, or ADFS separately?
Well now you can, with SAAM.
SAAM is short for Shibboleth Azure AD, or ADFS Authentication Module
It allows you to bridge the authentication between shibboleth and ADFS or Azure AD. This means that as soon as a user logs in to either a Shibboleth or Azure AD or ADFS resource they will automatically be logged into both SSO systems.
Here is a quick video demonstration of SAM in action at the University of Dundee:
I'll start by logging in to Shibboleth resource Digimap.
As you can see I'm presented with the UK federation discovery service.
I choose University of Dundee. I'm then directed to the Azure AD login.
I log in with my Azure AD account. I'm then redirected back to the Shibboleth RDP and authenticated without having to log in again.If I then access Azure AD resource, such as outlook, I can now seamlessly move to that resource without being prompted to log in again.
I could have also started this process with logging in to an Azure AD first and the process would have been just as seamless. It's important to note, your users will only ever see one login screen for the browser session. Or with ADFS they will be seamlessly logged in if they are on a domain connected machine.
There are many benefits to using SAM, however, here are a few:
- Seamless login between Azure AD or ADFS and Shibboleth
- Single login page with a consistent design
- Use Microsoft products to authenticate to Microsoft products and Shibboleth for Federated Access
- SAAM is easy and it's a fully managed setup and support contract provided by Overt Software.
If you would like to learn more about SAAM, please get in touch with Overt Software at firstname.lastname@example.org