Leveraging the functionality of enterprise single sign on and identity federation, Soffid provides a web module that allows users of unmanaged devices, including mobile devices, to access the full range of web applications in your organization without having to identify itself on each one.
To achieve it, Soffid WSSO is in front of the managed applications, so that when the application needs to identify the user, Soffid WSSO redirects him to the federation identity provider, which will identify him on behalf of WSSO.
Once the user is identified, either by username and password, either by digital certificate, either with any other accepted mechanism, WSSO system is responsible for registering the user session and injecting the credentials into the protected applications.
Thus, with Soffid WSSO you get:
- Provides SSO to legacy web applications without any modification.
- System administrator can turn on the single logout profile, so that the user will be logged out of every application at once.
- System administrator can enforce the use of strong authentication in applications that were not prepared to support it.