What is Enterprise Secret and why is it required for SAML SSO?

With SAML, an Identity Provider (IP) is asked whether the user is authorized to access idgard. This IP is not part of idgard, but rather an external service that redirects the user to the login page. A company, e.g., TÜV, uses the IP to perform authentications, e.g., for SSO. Commonly used IPs are Microsoft (with its Active Directory), Google, Okta, etc.; basically, any time you see "Login with ...".

During SSO, the IP delivers a response (assertion response) which indicates whether the user is authorized to access idgard.

For idgard, it is important to know whether the IP was actually commissioned by a company (e.g., TÜV) in order to be able to check permissions and grant access. Enterprise Secret is therefore also used to ensure that the response was really sent by the commissioned IP and not by a malicious third party. Enterprise Secret is used to encrypt and decrypt the assertion response.

