SSO terminology

Applies to NAM 2018+

For general information about SSO, see Single sign-on (SSO) in NAM.

Single sign-on (SSO) is a method of controlling access to multiple software systems through a single ID and password. Sign in to one of the systems and you are signed in to all of them.

Security Assertion Markup Language (SAML) is an open standard for providing SSO.

service provider (SP)
A SAML service provider (SP) is a system entity that authenticates through an identity provider (IdP).

In NAM, a NAM Server is an SP. There can be multiple SPs (NAM Server instances) in your NAM deployment. See Service Providers Management to list all NAM Server instances associated with your deployment.

identity provider (IdP)
An identity provider (IdP) in general SSO terminology is the system that coordinates the sign-on process for all of the SPs in the deployment.

In the default NAM configuration, the NAM Console acts as the IdP for the entire deployment: all sign-on traffic is routed through the NAM Console, which is why the NAM Console has to be accessible from all NAM Servers in your deployment.

Optionally, you can configure an external IdP to manage single sign-on for your NAM deployment, in which case all sign-on traffic is still routed through the NAM Console, but then forwarded to the external IdP for authentication. See Using an external identity provider for information on configuring an external IdP.