Authentication chains: SAML

Bravura Security Fabric supports a federated authentication model using the Security Assertions Markup Language (SAML 2.0). Depending on requirements, Bravura Security Fabric can be configured to act as either an Identity Provider (IdP), or as a Service Provider (SP).

Bravura Security Fabric as Identity Provider

As an Identity Provider, Bravura Security Fabric provides unified third-party authentication for a variety of federation-capable applications (Service Providers or SPs) using a Bravura Security Fabric login process, reducing the burden of managing multiple app-specific credentials. Once users authenticate they are redirected back to the application along with a cryptographically signed SAML assertion indicating who they are (identity), and what they may access (authorization).

The Scenario.hid_saml_idp component installs the functionality to allow Bravura Security Fabric to act as an SAML Identity Provider , enabling it to authenticate end users on behalf of a variety of web applications.

Implementing SAML federated login redirects users attempting to access supported web applications to Front-end , reducing the number of accounts a user needs to manage, while allowing you to enforce your business’ security policies through authentication chains.

For details see Authentication chains: Bravura Security Fabric as identity provider .

Bravura Security Fabric as Service Provider

Bravura Security Fabric can be configured to operate as a Service Provider, accepting third-party authentication assertions from a trusted Identity Provider. This functionality is installed via the Scenario.hid_authchain_saml_sp component, and must be configured before use.

For details see Authentication chains: Bravura Security Fabric as service provider .