Federation Security

Hello everybody,

Today I want to write few words about federation security.

So, imaging following situation. You work in one company, which partners with one or two others. And Both of them provide some kind of IT services.

One of the ways of dealing with such situation is make for each IT service login name and password for each of IT services. Of course it's not very convenient. It's not convenient for users, which need to have few accounts, it's not convenient for administrators, which need ot manage user names and passwords. Etc. How to deal with it? One of the solutions is identity federation.

How it works. One of the ways of solving it is making IT services to work with accepting tokens which are produced by STS ( security token service ) of another organization.

The schema is the following.

User logs in your app, your app makes some kind of requests to Federation provider, which receives you a security token, and then your app uses generated token in order to access another IT services.

Working with Assignment and Approval Maps in Acumatica via Automation Steps

How use CacheAttached

Events in Acumatica

Handling Exceptions in Acumatica: PXException, PXSetPropertyException, and RaiseExceptionHandling

Display field without name

How to get C# of version 9 in Acumatica class library

Horizontal Scalability in Acumatica

Take and update message from Email Templates

Root element is missing

Overriding Add, Add and Close buttons

Federation Security

Related posts