 |
Single Sign-On Documentation | | |||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||
Single-Sign On FAQ
What is Single Sign On (SSO)?
Single Sign On to WebEx Meeting Services allows users to authenticate to their corporate network and schedule and host WebEx Meetings without having to login with a separate WebEx username and password.
How is Single Sign On to WebEx Meeting Services accomplished?
Custom SSO API pages
One approach involves deploying custom WebEx SSO web pages onto the customer's network. User's can develop their own custom SSO web pages using the WebEx URL or XML API's or the WebEx Professional Services team can develop them.
Users can access these custom SSO web pages only after authenticated to their corporate network. The custom SSO web pages automatically pass the user's WebEx username and password via the WebEx URL or XML API's to authenticate the user with the WebEx site. Usually the custom SSO web pages can automatically create a WebEx account if the user does not have an account on the WebEx site. Typically user's do not know their WebEx password's which prevents them from accessing the WebEx site outside of their corporate network.
For more information on this SSO approach, see the Approaches to SSO Tech Note
SAML / ADFS SSO
WebEx also supports SSO via identity federation standards including SAML and Microsoft ADFS. This approach requires customers to have an identity mangement system (IDMS) like CA SiteMinder, that supports SAML 1.1, 2.0 or ADFS 1.0 federation.
With SAML / ADFS SSO, the customer's identity management system controls access to the WebEx meeting site. Users will first authenticate to their corporate network. When a user requests access to the WebEx site, the IDMS will validate the user and generate a digitally signed SAML or ADFS assertion with the user's WebEx username. WebEx will validate the assertion signature and authenticate the user to the WebEx site.
For more information on this SSO approach, see the SAML Authentication Service Tech Note