saml – WindowsTechs.com

What’s the point of users having to authorize their SSH keys and tokens they created themselves when SAML single sign-on is enabled on GitHub?

Posted on July 22, 2024 by user1042840

In GitHub’s Enterprise Cloud docs it says:

To use an SSH key with an organization that uses SAML single sign-on (SSO), you must first authorize the key.

I understand that organization admins could have the power to invalidate individual … Continue reading What’s the point of users having to authorize their SSH keys and tokens they created themselves when SAML single sign-on is enabled on GitHub?→

Is there a method of session revocation for SAML/Single Sign-on applications?

Posted on July 2, 2024 by Al Longley

While running a red teaming exercise, we had taken over an account inside an organization’s Identity Provider via social engineering attack (specifics of which aren’t relevant to this question). Their team’s response to this mistake was sp… Continue reading Is there a method of session revocation for SAML/Single Sign-on applications?→

Terminology clarification on IdP-initiated, SP-initiated SAML flow

Posted on May 17, 2024 by mxxk

Background
In SAML, there is IdP-initiated and SP-initiated login. IdP-initiated login ends up posting an unsolicited SAMLResponse to the SP, which has known security disadvantages. However, what if SP-initiated login is triggered from the… Continue reading Terminology clarification on IdP-initiated, SP-initiated SAML flow→

Google SAML auth not working through APP tile but works with direct link

Posted on April 26, 2024 by JeanneD4RK

We’ve recently migrated from Okta to Google for work for AWS authentication.
Our amazon org authentication is setup through IAM Identity center. It was working flawlessly using Okta but since we migrated to Google auth, we are only able to… Continue reading Google SAML auth not working through APP tile but works with direct link→

Risks with having a "localhost" service configured on a production SAML/OAuth/OIDC Identity Provider

Posted on March 9, 2024 by xsrf

To help developers with integrating with our SAML/OAuth/OIDC Identity Provider on their local dev environments, I’m thinking about configuring a demo client/app in our production IdP that has localhost configured as valid redirect url (OAu… Continue reading Risks with having a "localhost" service configured on a production SAML/OAuth/OIDC Identity Provider→

From federation to fabric: IAM’s evolution

Posted on March 5, 2024 by Cian Walker

In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that […]

The post From federation to fabric: IAM’s evolution appeared first on Security Intelligence.

Continue reading From federation to fabric: IAM’s evolution→

From federation to fabric: IAM’s evolution

Posted on March 5, 2024 by Cian Walker

The post From federation to fabric: IAM’s evolution appeared first on Security Intelligence.

Continue reading From federation to fabric: IAM’s evolution→

Access API using SSO with saml2 [closed]

Posted on January 18, 2024 by itsme

I have an application that retrieves and publishes information in an API with GET and UPDATE methods. And this application is under the umbrella of a SSO federated environment.
How would it be possible to get access to this API passing the… Continue reading Access API using SSO with saml2 [closed]→

Verify user credentials via SAML (E-Signature)

Posted on December 5, 2023 by Jakub Zvonek

I have a requirement to extend a quality assurance process in the customers CRM system so that when the user enters some data he or she is prompted to a screen with username and password and the already logged in user is again verified. Yo… Continue reading Verify user credentials via SAML (E-Signature)→

alternatives for OAuth, SAML, OpenID Connect, and WebAuthn [closed]

Posted on September 29, 2023 by jfk_1996

What alternatives for authentication and authorization technologies besides OAuth, SAML, OpenID Connect, and WebAuthn can be used for cloud apps?
I am currently writing my thesis and would like to look into the future and see if there are … Continue reading alternatives for OAuth, SAML, OpenID Connect, and WebAuthn [closed]→