Search Results
-
SAML Username and token
Updated on: Mar 20, 2024
Performing this scenario will produce a SAML IDP with Username & token authentication using either Active Directory, LDAP or SQL database as the primary userstore. Be sure to have configured "Keystore" & "SAML meta upload" scenarios prior to executing this scenario.
This article will use LDAP as the primary user store.
-
SAML One Touch
Updated on: Mar 20, 2024
Performing this scenario will produce a SAML IDP using the PhenixID One Touch token as primary identification mechanism.
No user input is required. Identification is done through either QR code or "app switching".
A good idea is to enable one or more of the applications used for issuing One Touch profiles.
This article will use LDAP as the primary user store.
-
SAML Username & OTP
Updated on: Mar 20, 2024
Performing this scenario will produce a SAML IDP with Username, Password & second factor (via text message sent to users mobile phone OR mail message sent via smtp) authentication using either Active Directory, LDAP or SQL database as the primary userstore. Be sure to have configured "Keystore" & "SAML meta upload" scenarios prior to executing this scenario. Either a message gateway account (with PhenixID message gateway) or a smtp account will be used.
This article will use LDAP as the primary user store.
-
SAML Single Sign-On
Updated on: Mar 20, 2024
Performing this scenario will produce a SSO SAML headless authenticator, which creates an assertion based on current session. Be sure to have configured a SAML authenticator, "Keystore" & "SAML meta upload" scenarios prior to executing this scenario.
-
SAML - Use the same authenticator for multiple SAML service providers
This document describes how to configure the system to handle multiple service providers in one SAML authentication scenario.
-
SAML - Header based authentication
Updated on: Jun 22, 2020
The purpose of this document is to describe how to configure PhenixID server for federation with SAML2 using Header Based authentication as an authentication method for PhenixID server.
This authenticator is used in a scenario where you have another security front end, such as a reverse proxy, that stands in front of PhenixID server. The front end server is also responsible of validating the user. The front end proxy needs to pass the username (or other attribute identifying the user) to the back end server (PhenixID server) as a request header.
-
SAML - Configure DigestMethod algorithm
Updated on: May 05, 2020
This document describes how to change SAML Signature DigestMethod algorithm. Default value is currently SHA1.
The reader of this document should have some basic knowledge about PhenixID Server.
We will make changes to phenix-store.json, so make sure to have a recent copy/backup of this file.
-
SAML - Configure SignatureMethod algorithm
Updated on: Oct 03, 2019
This document describes how to change SAML Signature SignatureMethod algorithm. Default value is currently SHA256.
The reader of this document should have some basic knowledge about PhenixID Server.
We will make changes to phenix-store.json, so make sure to have a recent copy/backup of this file.
-
SAML - Windows SSO authentication
Updated on: Dec 07, 2022
The purpose of this document is to describe how to configure PhenixID server for federation with SAML2 using Windows SSO (Kerberos or NTLM) authentication.
-
SAML Resolve Request Properties
Updated on: Nov 14, 2023
This document describes the "resolveSAMLRequestProperties"-configuration parameter present in most SAML authenticators in PAS 4.7 or higher.