By default, ScreenSteps allows you to manage access to your content by means of users and groups that you create in your ScreenSteps account. Setting up Single Sign-on through a 3rd party Identity Provider (IDP) allows you to incorporate a 3rd party user management system with your ScreenSteps account so that you do not have to manage users in two separate places. Single Sign-on gives you full control over the user authentication process.
How does it work?
When a user requests protected content on your ScreenSteps site, ScreenSteps normally displays a login screen. But with Single Sign-on enabled you take control of user authentication. Here is how a request for protected content works:
- The user requests (1) protected content on your ScreenSteps account (2).
- With Single Sign-on enabled, ScreenSteps redirects the user to a url that you specify (3).
- This url contains a login screen where the user enters a username and password (4).
- When the user successfully enters a valid username and password your system tells ScreenSteps to let the user in (5) at which point ScreenSteps grants access to the protected content (6).
Two types of remote authentication
ScreenSteps offers two options for remote authentication:
- SAML (Security Assertion Markup Language)
- ScreenSteps Remote Authentication
If you are using an identity provider that offers SAML support then you should use SAML. If you need to integrate ScreenSteps with a service that does not offer SAML support then you should use ScreenSteps Remote Authentication.