Show Table of Contents
Chapter 1. Introduction
Red Hat Single Sign-On (RH-SSO) is an integrated Single Sign-On solution (SSO) and supports both OpenID Connect and SAML v2.
RH-SSO is an authentication server for web applications, mobile applications and RESTful web services, where users can manage their user accounts. The RH-SSO administration UI can manage roles and role mappings for any application secured by RH-SSO. You can use the RH-SSO server to perform social logins using social media sites, such as Google, Facebook, Twitter, and others.
1.1. Integrating with Red Hat JBoss BPM Suite
By integrating with Red Hat JBoss BPM Suite, you gain additional supported features. For example:
- Centrally managed user and role mapping metadata. Minimal configuration required at the application side.
- Administrator console for managing users, roles, role mappings, applications, and user sessions.
- Revocation policies.
- Password policies.
Additional features to gain support after the Red Hat Single Sign-On GA include, for example:
- OpenID Connect, SAML 2.0 Single Sign-On, and Single Log Out services for your browser applications.
- Social Broker – Enable Google, Facebook, Yahoo, or Twitter social login service with no code required.
- Identity Broker – Delegate to an external SAML 2.0 or OIDC broker for authentication.
- Optional LDAP/Active Directory integration.
- Optional User Registration, with optional re-captcha ability.
- Password and time-based one-time password (TOTP) support (through Google Authenticator). Authentication through client certification is coming soon.
- User session management from both administrator and user perspectives.
- Customizable themes for user pages – login page, account management, emails, or administrator console are fully customizable.
- OAuth 2.0 Bearer token authentication for REST Services.
- Integrated browser application for REST Service token propagation.
- Cross-origin resource sharing (CORS) Support.
- Deployable as a WAR, appliance, or an Openshift cloud service (SaaS).
- HTTP security proxy for environments, platforms, and languages that do not have a client adapter.
- Javascript/HTML 5 adapter for pure Javascript applications.
- Session management from administrator console.
- Claim and assertion mappings. Your tokens and assertion XML is fully customizable.
- Impersonation – Allow your administrators to impersonate a user to troubleshoot.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.