Generally, each cloud service or application uses one authentication method to log on users. Web Gateway provides SSO services for many cloud applications that use HTTP or SAML 2.0 authentication through individual cloud connectors. Web Gateway also provides SSO services for cloud applications using a proprietary authentication method through a custom token named IceToken.
SSO data sources
The data source from which Web Gateway obtains the user's credentials or information depends on whether single sign-on is to an HTTP or SAML service.
- HTTP services — Web Gateway uses an integrated credential store: a secure database that stores credentials like the user names and passwords required by HTTP services. Users who seek access to an HTTP service must first authenticate against the database.
- SAML services — Web Gateway retrieves identity information from an external data source and produces a SAML assertion attesting to the user's identity.