Successful integrations - Some of our cases

Single Sign On (with SAML)

David van de Maas from ngage tells.

Logo ngage

Federation with ClockWise

‘‘Right when it became possible, our organization set up a federation through SAML with ClockWise.’’

What is SAML?

‘‘In short, the web is based on Single Sign On across domains. The service provider ClockWise (SP) leaves the authentication to the identity supplier (Identity Provider or IDP). SAML is based on trust, a trust between IDP and SP.
Here the user experiences it as a real Single Sign-On, once logged in to our portal and you will no longer be asked for a name and password to use ClockWise.’’

  • SAML connetction ClockWise very simple
  • SAML 2.0 Wizzard
  • Single sign-on
  • Different providers possible

‘‘Ngage specializes in Identity & Access Management. SAML is an important part of Access Management and we frequently implement it in our relationships. From government services to publishers and from Cloud applications to web shops.’’

Why SAML.

‘‘Clockwise is one of the business-critical (financial) applications. The time registration and the invoices that are generated are an important part of the business.
The use of a federation through SAML provides a few important benefits.’’

Security.

‘‘In our view, business-critical applications should be protected with more than just name and password. Multi Factor Authentication (MFA) is used for this, so name/password and a token, sms, Yubikey or smartcard etc. The implementation of MFA on all used systems and applications can, however, produce a complex whole. There are many solutions, not every application knows all methodologies. By using one (1) source of authentication, namely our IDP, only one password policy has to be enforced in one place and only an MFA solution needs to be used on that system. In addition, SAML is also extremely suitable for enforcing central authorizations.’’

Administrators convenience.

‘‘The technical or functional administrators of an application such as ClockWise do not have to reset passwords, or set up self-service or make procedures for this.’’

Ease of use.

‘‘Not only will a user not have to enter a password for each application, but the user will not have to change his or her password in various systems either.’’

Implement SAML

‘‘The use of SAML can vary from very easy to extremely complex. This complexity is mainly caused when the message traffic contains very specific parts. However, the SAML (2.0) standard has been around since 2005 and is a widely used methodology that has already fully crystallized it.’’

SAML & Clockwise

‘‘The SAML link with ClockWise falls under the childishly simple category. In the Clockwise settings, a wizard can be started to define an external Authentication provider and to realize the configuration on the ClockWise side. The next step consists of defining the Service provider on the IDP side. In our case we use MicroFocus Access Manager which meant that we only had to start a wizard there. It worked immediately. An interesting option that ClockWise has built-in is that per user type it is possible to let the user choose between providers.’’