As more organizations migrate to the cloud, they discover that their on-premises security solutions stop functioning at the perimeter. In response to this challenge, BeyondTrust Privileged Identity securely manages credentials and access to both cloud and on-premises resources using Security Assertion Markup Language (SAML).
This privileged identity management solution supports a broad range of SAML and OAuth federation identity providers. We’ve collaborated with Microsoft (ADFS), Okta, Ping Identity, OneLogin and other SAML-compatible services to provide rapid deployment in federated environments, via direct configuration.
Privileged Identity also supports legacy on-premises authentication and authorization solutions, such as Active Directory and LDAP, as well as OAuth2 and OpenID.
SAML authentication provides a secure single sign-on (SSO) process that lets your authenticated users access Privileged Identity in the same way they access their other applications. The integrations ensure that only authorized and audited personnel can leverage the privileged credentials generated by Privileged Identity.
To further enhance the authorization process, Privileged Identity can process group membership assertions made by the SAML provider. It can even filter for specific assertions so that too much access is not accidentally granted.
Simplified user life cycle management is another benefit of Privileged Identity's SAML authentication integrations. Former employees and contractors lose their access to your privileged credentials when they are cut off from their federated authentication service.