Setting up Single Sign-On for your Absolute account

IMPORTANT  Absolute's Single Sign-On solution supports the Security Assertion Markup Language (SAML) 2.0 protocol only.

Single sign-on (SSO) is an authentication process whereby users provide a single set of credentials to access multiple web applications during a user session. After users are authenticated, they can switch between applications without re-entering their credentials.

If your organization uses one of the following SAML 2.0 identity providers An online service or website that creates, maintains, and manages identity information and authenticates users on the Internet using security tokens. (IdP) for user authentication, you can enable single sign-on to the Absolute console:

NOTE  Absolute has tested and validated SSO using the IdPs listed above. If you prefer to use another IdP, you should be able to use any IdP that supports the SAML 2.0 protocol.

Note that Absolute's SSO solution supports SAML 2.0 requests and responses that use SHA256 hash algorithms with RSA-SHA256 signing algorithms. For more information about configuring hash algorithms and signing algorithms in an IdP, refer to the documentation provided by your IdP.

When SSO is enabled, Absolute users are authenticated by the configured third party IdP instead of the Absolute IdP.

For more information about installing one of the supported IdPs listed above and setting it up for your organization, refer to the documentation provided by your IdP.