Context
In addition to an HTTPS API, the AppCheck product incorporates an HTTPS UI (web application) commonly referred to as the scan portal. Along with the API, the UI lets registered customers administer their scans remotely, including creating and configuring scans and viewing scan results. This portal is located at https://scanner.appcheck-ng.com
Since the scan portal permits administration of scans on a per-customer basis, it requires that customers authenticate to the platform, using a username and password (mandatory) as well as multi-factor authentication (optional, enabled on a per-customer basis).
What is SSO (Single Sign On)?
SSO or Single Sign On is a broad umbrella term for any authentication scheme in which a user is able to log on using a single common set of credentials to any one of several independent software systems. In the context of customer authentication to the AppCheck scan portal, this refers to the use of federated identity in which an authentication token issued by the customer's own identity management system (such as Active Directory) is recognised by the AppCheck system and used to grant access.
This is intended to permit the centralised management of individual user accounts (across all endpoint systems, both inside and outside the organisation) from a single, central and internal identity management system, such as Microsoft's Active Directory.
This contrasts with local account management, in which each endpoint system maintains its own unique and independent user database, and any user wishing to access that endpoint system (e.g. the AppCheck scan portal) must have a user account (and credential set) created specifically on that endpoint system.
What is SAML?
SAML (or "Security Assertion Markup Language") is an open standard for exchanging authentication data between systems so as to implement an SSO arrangement. Typically authentication occurs against an identity provider within the customer organisation (e.g. Active Directory) and a token is then issued for use against one or more service providers (endpoint systems the user wishes to access).
Does AppCheck offer SAML integration?
AppCheck does not at this time offer SSO integration, either with SAML or via any alternative platform or standard.
How is AppCheck authentication configured?
User authentication to AppCheck is managed by an in-house user record database, and user/identity management is performed via the scan portal on a per-customer basis.
Our access control model uses Role-Based Access Control (RBAC), which provides both customer-defined groups that restrict the scope of individual user permissions and multiple roles such as "user" and "admin" to further set permission restrictions.
AppCheck offers multi-factor authentication (2FA/MFA) which can be enabled on request on an organisational (customer) level.
The system also incorporates password management / password reset capabilities.
Will AppCheck offer SSO integration via SAML in the future?
AppCheck will always consider feature requests from customers and may implement SSO/SAML functionality if there is sufficient customer interest. Please contact your AppCheck account manager if SSO/SAML is a key feature that would be of benefit to your organisation.