Secure Token Service (STS)
The SurePass Secure Token Service (STS) is a SAML 1.1 Identity Provider (IdP) designed to support SharePoint 2010 or 2013. From a user perspective it functions in a similar to SAML2 IdP but the underlying plumbing is different:Â
The user experience is as follows:
- Configure SharePoint server for SAML 1.1 STS using the SurePassIdP installer. As part of the install the majority of the configuration is done automatically.Â
- When you login to SharePoint via browser (on any platform including mobile platforms) SharePoint will do a POST to SurePassIdP.Â
- The SurePassIdP will render the login screen to match the user device; mobile UI or Rich UI.
- The login screen will require the user to enter login credentials and 2FA credential. The user can use any 2FA that SP supports to login in. The single factor will be Active Directory (AD) or the SurePass directory (if you want to keep AD out of it) or you are running in a cloud environment where AD is not available. You can automatically sync AD with the SurePass directory with the Directory Sync Agent.
- Once authenticated, SurePassIdP signs the request and POSTS back to SharePoint 2010/2013 and the home page is displayed.
Please contact SurePassID for the installer and documentation.