Introduction to SoftLayer Single Sign-On Service

SoftLayer Single Sign-On (SSO) Service allows users to authenticate with an Identity Provider (IdP) external to SoftLayer and federate their credentials to the SoftLayer portal. SoftLayer’s SSO Service is provided through our Infrastructure Management System (IMS) offering and is available to customers in single- and multi-tenant environments. You can integrate SoftLayer SSO Service with your existing on-premises enterprise ID provider or integrate through a popular Identity as a Service provider.

SoftLayer Single Sign-On (SSO) Service allows the following:

  • Elimination of managing duplicate user profiles (identities)
  • Elimination of multiple passwords for your end users
  • Leverage of an existing identification management (ID management) solution (see Identity Provider)
  • Use of your internal ID management process, e.g., password length, rotation, and so on

Security Assertion Markup Language™

Security Assertion Markup Language (SAML™) is the language used to exchange authentication and authorization data between two security domains, e.g., an IAM service and SoftLayer.

Note that you will need to reference information specific to SAML 2.0 when working with SoftLayer SSO.

Identity Provider

An Identity Provider (IdP), also known as an Identity Assertion Provider, is a third-party provider that does the following:

  • Provides identifiers to users looking to interact with a system, such as SoftLayer
  • Asserts to the system that the identifier presented by the user is known to the IdP
  • Provides other information about the user that is known to the IdP[1]

Suggested IdPs to use with SoftLayer include Ping Identity®, OneLogin™, IBM® Cloud Security Enforcer, and IBM Cloud Identity Services. Contact your SoftLayer Sales Representative for more information.

Service Provider

A Service Provider (SP) is a company that provides other services; SoftLayer is considered the service provider for purposes of this document. While service provider may refer to organizational sub-units, it is generally used to refer to third-party or outsourced suppliers, such as SaaS application service providers (ASPs), storage service providers (SSPs), and cloud and Internet service providers (C/ISPs). SoftLayer is a provider of Infrastructure and Platform as a Service.

SoftLayer-related SSO workflow

SoftLayer provides IdP-initiated federation. Figure 1 illustrates how SSO works between your IdP and SoftLayer.


 

Figure 1 illustrates how SSO works between your IdP and SoftLayer.



[1] This may be achieved via an authentication module, which verifies a security token that can be accepted as an alternative to repeatedly and explicitly authenticating a user within a security realm.