Introduction to Single Sign-On Authentication

When single sign-on (SSO) authentication is used, a user who already has a login session with the client application does not need to provide their login credentials again when calling a TIBCO ActiveMatrix BPM service (provided their credentials are also valid for logging into TIBCO ActiveMatrix BPM).

SSO authentication requires that TIBCO ActiveMatrix BPM can:

verify that the incoming message is from a trusted source, and
validate the subject of the message as a registered TIBCO ActiveMatrix BPM user.

TIBCO ActiveMatrix BPM supports the use of the following to facilitate SSO authentication:

Type	Supported on API
X.509 certificates	SOAP
SAML tokens	SOAP Java Service Connector
SiteMinder	REST Openspace and Workspace clients
Kerberos	REST Openspace and Workspace clients

See:

Using X.509 Certificates or SAML Tokens for SSO Authentication

Using SiteMinder with ActiveMatrix BPM

Using Kerberos with ActiveMatrix BPM

Contents

Index

Search Results

Introduction to Single Sign-On Authentication