Introduction to Single Sign-On (SSO)

Download this manual as a PDF file

This section is intended for administrators who create and manage user accounts. This section assumes that you are familiar with Single Sign-On (SSO). If you are not familiar with SSO, you will need to work with your SSO administrator to perform the tasks in this section.

Use the following menu options to navigate the SL1 user interface:

  • To view a pop-out list of menu options, click the menu icon ().
  • To view a page containing all of the menu options, click the Advanced menu icon ().

What is SSO?

SSO (Single Sign-On) allows a user to provide credentials only once and then be authenticated on multiple (or all, depending on configuration) applications. SL1 uses SAML (Security Assertion Markup Language) version 2.0 to exchange information with an IdP (identity provider). An IdP stores information about users in a database, frequently LDAP or Active Directory. In the SAML model, SL1 is considered a service provider.

SSO Terminology

  • SSO (Single Sign-On). SSO allows a user to provide credentials only once and then be authenticated on multiple (or all, depending on configuration) applications.
  • SP (Service Provider). An application that requires authentication. In our model, SL1 is considered a service provider. The SP passes authentication requests to the IdP.
  • IdP (Identify Provider). Stores information about users in a database, frequently LDAP or Active Directory, and passes authentication information to SPs.
  • SAML (Security Assertion Markup Language). XML-based standard for exchanging authentication data.
  • SAML Assertion. A package of information about a user and the user's authentication status. A SAML assertion contains XML attributes.

How Can I Use SSO with SL1?

  • You can configure SL1 to automatically create user accounts in SL1 for existing Single Sign-On users and then always use Single Sign-On to authenticate those users when they access SL1.
  • You can use Single Sign-On to authenticate one or more existing ScienceLogic users when they log in to SL1.