IDM 360™ provides the only complete single sign-on solution for Alfresco©. It allows Alfresco to be seamlessly integrated into corporate or customer facing solutions using a wide variety of authentication choices. Features include:
- Ability to accept multiple forms of authentication (SAML, OpenID, OAuth, Multi-factor, IWA, Custom, Legacy, etc.)
- Support multi-tenancy with each tenant having a separate form of authentication including separate identity providers
- Support Alfresco Office Services (AOS)
- Scale to hundreds of thousands of users
IDM 360 extends Alfresco to allow multiple forms of Authentication
Alfresco users may include internal employees, customers, administrators, contractors and others. Users may be logging in from the internal network, across a virtual private network (VPN), or from outsize the company network. Each customer may require a separate form of authentication such as direct form based login, SAML, or ws-Federation. Customers may wish to have a unique login page with customized colors, logos, disclaimers and contact information. Customers or internal user may require multi-factor authentication. Mobile users require device friendly login forms. IDM 360™ for Alfresco has the unique ability to tailor each user’s login experience based on their location, device type, company and method of connectivity. IDM 360™ for Alfresco routes the login to the appropriate source such as the customer’s single sign-on service, or a custom micro-site with company colors and logo. For SSO, each customer can have a unique identity provider allowing true enterprise sign-on. For direct login, each customer can be directed to a custom sign-on page to provide custom colors, logos, contact information and disclaimers. Internal users can use the Alfresco database, Active Directory, SAML, WS-Federation, IDM 360™ directory or any other combination of user directories/databases. For Active Directory users, passwords may stay securely in the corporate directory and do not need to be copied into Alfresco.
IDM 360™ supports Alfresco Office Services
Alfresco Office Services (AOS) allows users to access documents using Microsoft Office tools with extremely convenient features such as edit on line. Until now, this feature was incompatible with single sign-on solutions causing users to be prompted with popups that asked for the local Alfresco database userid and password. This was particularly confusing if the user was logging into Alfresco via SAML or another form of SSO. The main login would ask for corporate credentials and the AOS popup would ask for local Alfresco credentials which did not match.
IDM 360™ for Alfresco provides seamless integration int Alfresco AOS. Microsoft credential requests use the same back-end SSO credentials as the main site. Further, when using SSO, Microsoft Office applications such as word, perform the SSO handshake with IDM 360™ for Alfresco. This allows word to seamlessly edit an Alfresco document without requiring an additional password prompt. IDM 360™ for Alfresco is the only SSO solution for Alfresco that includes seamless AOS support.