Skip to main content
  • Bravura Security Fabric Documentation
  • Configuration
  • Login Process
  • Authentication chains: Bravura Security Fabric as identity provider

Authentication chains: Bravura Security Fabric as identity provider

Bravura Security Fabric can act as an IdP for any SAML-compliant application. Bravura Security currently ships out-of-the-box templates for the following service providers:

  • Microsoft Office 365/Azure.

  • Bamboo HR

  • Hitachi Content Platform Anywhere (HCP Anywhere).

  • YouTrack.

  • Active Directory Federated Services (ADFS)

  • Google Applications (Mail, Calendar, etc.).

  • WebEx.

  • Salesforce.

As an identity provider, Bravura Security Fabric provides unified third-party authentication for a variety of federation-capable applications using the Bravura Security Fabric login process, reducing the burden of managing multiple app-specific credentials. Once users authenticate they are redirected back to the application along with a cryptographically signed SAML assertion indicating who they are (identity), and what they may access (authorization).

Authentication sequence

The sequence for this externalized authentication is as follows:

  1. A user accesses application at URL A.

  2. URL A (the SP) redirects the user to Bravura Security Fabric at URL B.

  3. The user enters their login ID into Bravura Security Fabric .

  4. Bravura Security Fabric prompts for appropriate credentials. Different users may be asked for different sequences of credentials, based on their group memberships and/or identity attributes.

  5. Bravura Security Fabric generates a SAML 2.0 assertion, indicating who the user is and what they are allowed to access.

  6. The user is redirected back to URL A, with the signed assertion.

Configuration

Configuring Bravura Security Fabric as an identity provider requires the following administrator rights:

  • "Manage policies" to access the Authentication chains menu item.

  • "Manage external data store" to access the Manage external data store menu item.

To configure Bravura Security Fabric as an IdP and integrate an SP:

  1. Prepare Bravura Security Fabric as an IdP.

  2. Add a service provider.

    If your SP has a pre-configured template, follow the general procedure to add a service provider to the Bravura Security Fabric IdP server . A sample use case is provided for a Salesforce Service Provider .

    or

    If support for your service provider is not pre-configured in Bravura Security Fabric , follow the procedure to add a service provider that is not pre-configured in Bravura Security Fabric . A sample use case is provided to configure Bravura Security Fabric as an SP and integrate with a Bravura Security Fabric IdP server

In this section: