Integrate the first application to Ubisecure SSO

This article instructs on creating the first application on top of Ubisecure SSO.

Installation

One option is to use SAML as a service provider for the application. See the manual for integrating the application using SAML at Install Sample SAML service provider application for Java.
OAuth 2.0 or OpenID can alternatively be used as the service provider.

Delivering user attributes

The user attributes sent from SSO to the application can be managed through the application's Authorization policy.
The process of creating and adjusting the policy is described in the article Manage authorization policies.

Directory user mapping

The application can use the data of the authenticating user to fetch their data from a third-party identitity provider. This is achieved by mapping the users in the directories.
Below is a manual for directory user mapping with practical examples for the TUPAS methods:
Management UI Traditional Directory User Mappings - SSO
For SQL databases, some specific configurations are needed:
Use Directory User Mapping with SQL databases

Related articles

• Page:
  SAML Compatibility Flags
• Page:
  Install and start Ubisecure SSO Tomcat and Accounting Service as Windows Services gives error
• Page:
  Access to the requested resource is denied error
• Page:
  Authorization Policy Example : SHA256 hash from SSO session ID and user's email address
• Page:
  Error While Generating SP metadata in .NET environment