Federated authentication with IBMid
Federated authentication allows an organization's identity provider to handle authentication for all of its users who access IBM web applications and cloud services. As a result, an organization can use its own login page and security controls to secure access to IBM Cloud Apps or IBM Services.
IBM uses the Security Assertion Markup Language 2.0 (SAML 2.0) for this capability. SAML 2.0 is a standard for exchanging authentication data between security domains. It is an XML-based protocol that uses a security token containing assertions to pass information between the organization's "Identity Provider" and the IBM Relying Party (RP), otherwise known as the Service Provider.
Security Assertion Markup Language (SAML) 2.0 and IBMid are used to implement federated authentication. A user logs in to Sterling Order Management System through the IBMid sign-in page and authenticates through your organization's SAML identity provider. Configuring IBMid to use federated authentication does not require any changes to Sterling Order Management System security.
To enable federated authentication, review the IBMid Enterprise Federation Adoption Guide with your IT organization, and then contact IBM Support.
Login flow after an IBMid is linked to a Sterling Order Management System user
The following image shows the login flow when an IBMid is linked to a Sterling Order Management System user: