Grid authentication considerations

The Grid uses a pluggable architecture to authenticate users. All authentication is handled by a special Grid application called a session provider. SAML Session Provider is the only session provider that enables single sign on with Security Roles from Infor Federation Services, which is a prerequisite for running M3 in Infor Ming.le™ with SSO.

SAML Session Provider

The SAML Session Provider authenticates users using SAML to communicate with AD FS. User credentials are stored in AD but extended attributes (for example Security Roles) are also stored in Infor Federation Services (IFS) and emitted as claims during logon.

The session provider supports the following authentication methods:

The SAML Session Provider implements the SAML protocol to authenticate users to AD FS (for browser clients that can be automatically redirected). The basic authentication method uses WS-Trust (for active, non-browser based clients).

For more detailed information about the Session Providers refer to Infor ION Grid Security Administration Guide.

Your system must meet the following requirements: