When using Single Sign-On (SSO), users have the following options for logging in to Gateway:
Log in from the BlueCat Gateway login page (SP-initiated SSO)
Log in from the Identity Provider's login page (IdP-initiated SSO)
Logging in to Gateway through SSO automatically logs you in to Address Manager as well.
SP-initiated SSO
When using SP-initiated SSO, you log in to BlueCat Gateway directly using your company's SSO credentials. Upon login, BlueCat Gateway sends an authentication request to the identity provider (IdP). The IdP validates your credentials. When validation is successful, the IdP generates an access token. The IdP redirects the access token to BlueCat Gateway and grants you access.
The diagram below illustrates the SP-initiated SSO authentication process:
IdP-initiated SSO
When using IdP-initiated SSO, you log in to BlueCat Gateway through the identity provider's login page using your company's SSO credentials. The IdP validates your credentials. When validation is successful, the IdP generates an access token and redirects you to BlueCat Gateway.
The diagram below illustrates the IdP-initiated SSO authentication process: