Single Sign On Federation

Question 1

What is Okta?

Answer 1

Okta is an Identity Access Manager.

Question 2

What is IAM?

Answer 2

IAM stands for Identity Access Management. IAM is a framework of policies and technologies to ensure that the right users have appropriate access to resources.

Question 3

What is an IdP?

Answer 3

Identity Provider: An Idp is the server that confirms authentication in a federated network.

Question 4

What is an SP?

Answer 4

SP stands for Service Provider. A service provider is the resource sever that is being asked permission to sign on using an IAM protocol.

Question 5

What is a Federation?

Answer 5

Federation is the unification of systems that rely on one single IdP for the authentication of users.

Question 6

What is a Federation Protocol?

Answer 6

Federation protocols allow systems to vouch for your identity to other systems. Some federation protocols include SAML, WS-FED, & OIDC.

Question 7

What is the Okta Plug In for?

Answer 7

The Okta plug in allows users to start apps from their dashboard with a click when SAML is not available. It fills in the credential fields for you rather than have you do it manually.

Question 8

What are the two kinds of flow when authentication is occuring?

Answer 8

SP initiated flow and IdP initiated flow.

Question 9

What are percentage are the 3 protocols used?

Answer 9

SAML: 95%
WS-FED: 4%
OICD: 1%

Question 10

What Federation protocol(s) does NOT require the SP/RP and IdP to be able to talk?

Answer 10

SAML and WS-FED

Question 11

Describe IdP initiated flow.

Answer 11

• Log into IAM
• Click on app you want to access
• IdP gives you assertion that you can take to Sp

Question 12

Describe SP initiated Flow.

Answer 12

• Client reaches out to SP.
• SP redirects client to IdP with an authentication token
• IdP authenticates user and gives client an assertion
• Client gives SP the assertion and authenticates.