Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

SafeNet App Gateway

Single Sign-On (SSO) Support for SafeNet App Gateway

search
printsuggest an editpdf paneldownload

Single Sign-On (SSO) Support for SafeNet App Gateway

Single Sign-On (SSO) support for SafeNet App Gateway signifies its capability to facilitate seamless SSO operations while accessing non-standard web applications (that do not support SAML 2.0 or OIDC protocol) that are protected by SafeNet Trusted Access (STA). Users are authenticated once and gain access to multiple applications without the necessity of repeated logins for each application.

The following table shows the SSO behavior when two applications with the same or different authentication schemes are hosted on the same web or application server.

note

Note

Similar behavior, as enlisted below, is also expected if more than two applications are hosted on the same (single) web or application server and protected by a single SafeNet App Gateway instance.

Use Case Application Authentication Scheme Workflow Conclusion
1

Application 1


Application 2

Custom


Custom

  1. After successfully completing the STA authentication, the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user can access application 2 without the need for re-authentication.

 Reauthentication is not required for application 2.
2

Application 1


Application 2

Basic


Custom

  1. After entering the application credentials and successfully completing the STA authentication, the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user can access application 2 without the need for re-authentication.

 Reauthentication is not required for application 2.
3

Application 1


Application 2

Custom


Basic

  1. After successfully completing the STA authentication, the user gains access to application 1.

  2. Subsequently, when the user opens application 2 in a separate tab or a new window of the same browser, the user is prompted to enter application credentials.

  3. After entering the application credentials, the user gets access to application 2.

 Reauthentication is required for application 2 using the application credentials only and not for the STA IdP as it maintains a STA IdP session.
4

Application 1


Application 2

Basic


Basic

  1. After entering the application credentials and successfully completing the STA authentication, the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user can access application 2 without the need for re-authentication.

 Reauthentication is not required for application 2.
5

Application 1


Application 2

Custom


Form-based

  1. After successfully completing the STA authentication, the user gains access to application 1.

  2. Subsequently, when the user opens application 2 in a separate tab or a new window of the same browser, the user is prompted to enter application credentials.

  3. After entering the application credentials, the user gets access to application 2.

 Reauthentication is required for application 2 using the application credentials only and not for the STA IdP as it maintains a STA IdP session.
6

Application 1


Application 2

Form-based


Custom

  1. After entering the application credentials and successfully completing the STA authentication, the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user can access application 2 without the need for re-authentication.

 Reauthentication is not required for application 2.
7

Application 1


Application 2

Form-based


Basic

  1. After entering the application credentials and successfully completing the STA authentication, the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user can access application 2 without the need for re-authentication.

 Reauthentication is not required for application 2.
8 Application 1


Application 2

 Basic


Form-based

  1. After entering the application credentials and successfully completing the STA authentication, the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user can access application 2 without the need for re-authentication.

 Reauthentication is not required for application 2.
9 Application 1


Application 2

 Form-based


Form-based

  1. After entering the application credentials and successfully completing the STA authentication, the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user can access application 2 without the need for re-authentication.

 Reauthentication is not required for application 2.
note

Note

Access to multiple applications without re-authentication depends on the active SSO session, which lasts for eight hours in STA. For more information, refer to the Single sign-on session timeout section.

On this page