Introducing SAML
  • 08 Oct 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Introducing SAML

  • Dark
    Light
  • PDF

Article summary

The product called OneSpan Sign provides a complete e-signature platform for the Web, including preparing, distributing, reviewing, signing, and downloading documents.

SAML (Security Assertion Markup Language) is a format for exchanging authentication and authorization data between an Identity Provider and a Service Provider.

To facilitate integration with third-party applications that provide Web SSO (Single Sign-On), OneSpan Sign supports the SAML 2.0 protocol. By performing the procedures listed below, you can:

  • Enable "senders" (members of a OneSpan Sign account) to log in to OneSpan Sign using SSO via SAML 2.0 tokens.

  • Enable "recipients" (not members of a OneSpan Sign account) to access the Signer Experience using SSO via SAML 2.0 tokens.

SAML logins to OneSpan Sign enable:

  • A better User Experience, since users are logged in to OneSpan Sign transparently

  • No need for the user to remember a password to log in

  • Less time spent re-entering a password

  • The option of automatically creating a new sender for the OneSpan Sign account upon a user's very first login to OneSpan Sign. Note that: (1) senders can be created even when multiple accounts have the same Identity Provider; (2) a new sender can be specified as either a Manager or a Member.

  • Reduced IT costs (via centrally-managed accounts and credentials)

  • "Recipients" to access the Signer Experience in a more secure manner

Regardless of how their account is configured for Single Sign-On Authentication, group signers must always log in to the sender part of the New User Experience before they sign.

Enabling a SAML login to OneSpan Sign generally entails successively performing the following procedures:

  1. Getting Started

  2. Configuring Your Identity Provider

  3. Configuring SAML on your OneSpan Sign Account

  4. Testing Your SSO Functionality

The protocol binding for SAML 2.0 is HTTP-Redirect and HTTP-POST.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant