How the Gateway Single Sign-On process works - Platform - BlueCat Gateway - 24.1

Gateway Administration Guide

Locale
English
Product name
BlueCat Gateway
Version
24.1

When using Single Sign-On (SSO), users have the following options for logging in to Gateway:

  • Log in from the BlueCat Gateway login page (SP-initiated SSO)

  • Log in from the Identity Provider's login page (IdP-initiated SSO)

Logging in to Gateway through SSO automatically logs you in to Address Manager as well.

SP-initiated SSO

When using SP-initiated SSO, you log in to BlueCat Gateway directly using your company's SSO credentials. Upon login, BlueCat Gateway sends an authentication request to the identity provider (IdP). The IdP validates your credentials. When validation is successful, the IdP generates an access token. The IdP redirects the access token to BlueCat Gateway and grants you access.

The diagram below illustrates the SP-initiated SSO authentication process:

IdP-initiated SSO

When using IdP-initiated SSO, you log in to BlueCat Gateway through the identity provider's login page using your company's SSO credentials. The IdP validates your credentials. When validation is successful, the IdP generates an access token and redirects you to BlueCat Gateway.

The diagram below illustrates the IdP-initiated SSO authentication process: