An identity router is a virtual appliance that enforces authentication and access for users of protected applications, manages single sign-on (SSO), and connects the RSA Via Access hosted service to enterprise resources such as Active Directory and RSA Authentication Manager.
You install the identity router as a virtual appliance on your network using a VMware image, which includes all necessary identity router applications. Your RSA Via Access deployment may include multiple identity routers, which can operate in clusters to provide additional features and reliability. You can use a network load balancer to distribute workload among identity routers based on the available capacity. RSA recommends that you deploy identity routers in clusters of three. For information on protecting the identity router environment, see the RSA Via Access Security Configuration Guide.
The identity router performs these main functions:
- Connects the RSA Via Access hosted service to enterprise resources, such as LDAP directory servers and RSA Authentication Manager.
- Hosts the application portal, which provides a convenient interface where users can view and access protected applications.
- Authenticates users to the application portal and tracks sign-in sessions for protected applications.
- Manages sign-in session duration for HTTP Federation (HFED) and trusted header applications, and the application portal.
- Enforces step-up authentication, connecting users to the RSA Via Access hosted service to provide additional authentication credentials when required.
- Manages SSO for applications that support Security Assertion Markup Language (SAML), as well as non-SAML applications. Users who satisfy the authentication requirements to access one application are not required to re-enter the same authentication credentials to access a second application that uses the same or lower assurance level during the same SSO session.
- Provides HFED to enable SSO for non-SAML applications.
- Extends Integrated Windows Authentication and LDAP directory server password-based SSO to protected applications.
- Supports SAML "just-in-time" user provisioning, allowing compatible applications to create new user accounts based on extended attributes contained in SAML assertions.
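The session-duration, step-up and assurance-level items above describe one access decision: a request for an application is allowed when the user's current SSO session is still within its duration limit and was authenticated at the application's assurance level or higher; otherwise the user is sent for step-up authentication, or for a fresh sign-in if the session has lapsed. The Python below is an added illustration of that rule, not RSA code; the assurance levels (LOW/MEDIUM/HIGH), application names and session lifetimes are constructed values, and timestamps are passed in explicitly so the behaviour is deterministic.

```python
"""Simplified model of the identity router's SSO session rule.

Illustrative example only (not RSA's implementation). Assurance levels,
application names and session lifetimes are constructed for the demo.
"""
from dataclasses import dataclass
from typing import Optional

# Hypothetical ordinal assurance levels; a higher value means a stronger
# authentication requirement (e.g. password only < password + second factor).
LOW, MEDIUM, HIGH = 1, 2, 3


@dataclass
class SsoSession:
    user: str
    assurance: int           # highest assurance level satisfied in this session
    started_at: float        # sign-in time (seconds)
    max_age_seconds: int     # sign-in duration limit enforced for the session

    def expired(self, now: float) -> bool:
        """True once the session has outlived its configured duration."""
        return now - self.started_at > self.max_age_seconds


@dataclass
class ProtectedApp:
    name: str
    required_assurance: int  # minimum assurance level needed to open the app


def access_decision(session: Optional[SsoSession], app: ProtectedApp, now: float) -> str:
    """Decide what happens when a user requests a protected application.

    Returns one of:
      "reauthenticate" - no live session; the user must sign in again
      "allow"          - session is live and meets the app's assurance level
      "step-up"        - session is live but the app needs stronger assurance
    """
    if session is None or session.expired(now):
        return "reauthenticate"
    if session.assurance >= app.required_assurance:
        return "allow"
    return "step-up"


def complete_step_up(session: SsoSession, achieved_level: int) -> SsoSession:
    """Record a successful step-up: assurance only ever rises within a session,
    so apps at the same or lower level stay accessible without re-prompting."""
    session.assurance = max(session.assurance, achieved_level)
    return session


def walkthrough() -> list:
    """Constructed scenario: one user, three apps, a 30-minute session."""
    mail = ProtectedApp("webmail", LOW)
    hr = ProtectedApp("hr-portal", MEDIUM)
    finance = ProtectedApp("finance", HIGH)

    session = SsoSession(user="alice", assurance=MEDIUM, started_at=0.0,
                         max_age_seconds=1800)
    trace = []
    trace.append(("webmail", access_decision(session, mail, now=60.0)))       # allow
    trace.append(("hr-portal", access_decision(session, hr, now=120.0)))      # allow
    trace.append(("finance", access_decision(session, finance, now=180.0)))   # step-up
    complete_step_up(session, HIGH)
    trace.append(("finance", access_decision(session, finance, now=240.0)))   # allow
    trace.append(("webmail", access_decision(session, mail, now=2000.0)))     # reauthenticate
    return trace


if __name__ == "__main__":
    for app_name, decision in walkthrough():
        print(f"{app_name:10s} -> {decision}")
```

The point the walkthrough makes is that assurance is a property of the session, not of the application: once the user completes step-up for the HIGH-level app, the lower-level apps remain reachable without another prompt, but nothing is carried past the session's duration limit.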