Chapter 2. Feature Overview

2.1. Single Sign-On(SSO) Server

Red Hat Single Sign-On (RH-SSO) 7.0 includes a standalone SSO server, which serves as a Security Assertion Markup Language (SAML) 2.0 or OpenID Connect-based Identity Provider.

2.2. Client adapters for JBoss EAP

RH-SSO 7.0 includes client adapters for Red Hat JBoss Enterprise Application Platform (EAP) 6.4 and 7.0, The designated adapters enable JBoss EAP to act as SAML Service Provider or OpenID Connect-based Resource Server, interfacing with standalone RH-SSO Server.

2.3. Mod_auth_mellon certification

RH-SSO 7.0 Server is supported as a SAML 2.0 Identity Provider integrated with the mod_auth_mellon module in Red Hat Enterprise Linux (RHEL) 7.2 acting as SAML 2.0 Service Provider.

2.4. Client adapter for JBoss Fuse

The Maven repository for RH-SSO 7.0 includes a client adapter for Red Hat JBoss Fuse 6.2 as a Technology Preview feature.

2.5. User Federation

RH-SSO 7.0 is tested with a variety of LDAP servers, Microsoft Active Directory, and RHEL Identity Management (IdM) as one or more federated sources of enterprise user information. For more details on supported integrations, please refer to

2.6. SPNEGO-based Kerberos

RH-SSO 7.0 Server supports SPNEGO integration with Microsoft Active Directory and RHEL Identity Management (IdM), which have been configured to use Kerberos.

2.7. Identity brokering

RH-SSO 7.0 integrates with a 3rd party SSO Providers and social login providers, such as Facebook, Google, Twitter, for user authentication.

2.8. Administration user interface (UI) and REST APIs

RH-SSO supports an Administration UI as well as REST APIs for a variety of user management, role mapping, client registration, user federation, and identity brokering operations.