DATABASICS offers customers to use SAML protocol for SSO Authentication. SAML is a secure method of single sign-on, it is an XML-based standard for exchanging authentication and authorization data between security domains. The Federated SSO solution is offered with hosted DATABASICS licensing (DB will serve
as service provider), and require DB services to support set up and testing. The SAML integration enables single sign-on by exchanging security information (XML tokens) with an external identity provider (e.g. Active Directory). The identity provider authenticates the user and passes a NameID token to DATABASICS. If DB finds a user with a matching NameID token (LOGIN_ID in DB), the instance authenticates that user.
Users accessing the DATABASICS application need to originate in a single source for authentication (e.g. Active Directory). When in place, the solution allows the user to access either directly (via the network) or through SAML authentication as outlined in the diagram below.
Frequently Asked Questions:
Will DATABSICS work with my SAML provider?
Provided the technical requirements are met, DATABASICS will work with your SAML provider, the following lists providers we have worked with in the past:
ADFS
OKTA
OIF
How long will it take to implement SAML?
DATABASICS suggest putting aside two weeks to test the SAML set up. Applying the solution in production requires the services to be re-started, but will not require any downtime.
When can we implement SAML?
SAML can be implemented at any time during the implementation lifecycle, even after go live.
What is the Cost for implementing SAML?
There is a one-time license fee to install SAML in the DATABASICS environment, there is also services costs associated with setup and testing effort. The cost will be based on the size and complexity of the work, please contact DATABASICS Services for details.
Does SAML work on the Mobile App?
SAML is not support on our Mobile App, instead we use PIN Authentication where each Mobile Device will be assigned with a 4 Digit PIN that is unique to the Employee login and Device ID.
Is token encryption supported if so, what certificate hash level is supported?
Yes, both SHA1 and SHA256 are supported, DB recommends SHA256.
Is token signing supported, if so, what certificate hash level is supported?
Yes, both SHA1 and SHA256 are supported, DB recommends SHA256.
If token signing is supported, what data is signed?
Both Message and Assertion is signed.
What hash algorithm is supported for the RelyTrust?
Yes, both SHA1 and SHA256 are supported, DB recommends SHA256.
Where can I learn more about SAML technology?
For more information about SAML: http://saml.xml.org/saml-specifications