Introduction to SAML (Web SSO) Authentication

Web SSO support in EFT is limited to LDAP, ODBC, and Globalscape-authenticated Sites; Web SSO is disabled and unavailable for AD-authenticated Sites.

The SAML SSO feature in EFT will look up accounts to match the user-id configuration, and if found, it will associate the IdP-authenticated users with said pre-provisioned accounts. EFT can also optionally perform what’s called Just In Time (JIT) provisioning, where it can create an account in a pre-designated Settings Template, for authenticated users, if they do not already exist in EFT. When a positive mapping of identify assertions to existing user accounts cannot be made, Web SSO authentication will fail or revert to normal authentication and request login credentials. (See Web SSO Error Handling).