Pat Patterson, profile picture
Uploaded byPat Patterson
PPTX, PDF5,943 views

SAML Smackdown

SAML 2.0, standardized by OASIS in 2005, enables single sign-on (SSO), identity provisioning, and attribute synchronization across various platforms, gaining support from major companies like Google, Salesforce, and Microsoft. It serves as a universal identity solvent, interoperating with multiple identity protocols such as OAuth and XACML, allowing for seamless authentication and authorization processes. Additionally, SAML's capability to facilitate just-in-time provisioning enhances user management by automatically creating and updating user accounts as needed.

Embed presentation

Downloaded 180 times
SAML 2.0 The Universal Identity Solvent Pat Patterson Principal Developer Evangelist salesforce.com
SAML 2.0 Standardized by OASIS, March 2005 Widely supported – Google Apps since October 2006 – salesforce.com since Winter ’09 (October 2008) – Microsoft Active Directory Federation Services (AD FS) since version 2.0 (May 2010) – Your favorite service provider!
SAML Providers Service Provider –Provides some service/resource to user –Trusts identity provider to authenticate user Identity Provider –User logs in here –Creates SAML Assertion
social automate administer trust Bring your own Identity single sign-on and user management secure single sign-on and social apps centralized access management, provisioning and reporting
Authenticate SAML 2.0 Protocol Browser Identity Provider Service Provider GET /something HTTP/1.1 302 Found Location: http://idp.ex.com/saml?SAMLrequest=hf7893b… &RelayState=HKFDhh383 GET http://idp.ex.com/saml?SAMLrequest=hf78 93b…&RelayState=HKFDhh383 200 OK SAML Assertion in HTML FORM POST /acs SAML Assertion HTTP/1.1 302 Found Location: http://sp.ex.net/something Set-Cookie: token=value; Domain=.ex.net
More than just Single Sign-On! <Assertion> <Issuer/> <Signature/> <Subject/> <Conditions/> <AttributeStatement> <Attribute Name=”JobCode”> <AttributeValue> 12345678 </AttributeValue> </Attribute> <!-- Can send any number of additional attributes --> </AttributeStatement> <AuthnStatement/> </Assertion>
Can even provision identities! Just-in-time Provisioning – Service Provider creates account if one does not already exist, gives user immediate access – Service Provider updates account details with each SSO – Sweet spot: large pool of potential users, small number of actual users
SAML is Multi-Purpose! • Single Sign-On • Provisioning • Synchronization • But that’s not all!
Embedded SAML • Loose coupling between identity protocols allows us to use SAML in an OAuth flow My Company Inc
SAML in OAuth
Other Protocols in SAML • ‘Authenticate’ user step can be anything • Username/password (ugh!) still most common • Any web-based interaction – e.g. two factor • Wrap any protocol in HTTP – e.g. Kerberos -> SPNEGO
SPNEGO – Kerberos within SAML
So SAML is Composable But wait… That’s still not all!!!
The SAML Assertion is a Universal Identity Solvent! Even competing federation protocols use SAML Assertion as a token format!
Token Exchange • Authorization Services can function as RESTfulSTS’s(remember those?) • Client app obtains SAML Assertion from enterprise IAM infrastructure • Authorization Service verifies Assertion, issues token for API access • Client app is off to the races
Bridging to the Brave New World IETF Draft: SAML 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants
SAML -> OAuth -> Any API! Enterprise apps get to play – OpenID Connect – SCIM – Cloud Services – Whatever you want
SAML and XACML • SAML 2.0 Profile for XACML • SAML as transport for XACML attributes
So wait… Not only can SAML do SSO and provisioning… It can also interoperate with ALL of the other identity protocols on stage?
SAML Smackdown

More Related Content

PPTX
IdP, SAML, OAuth
byDan Brinkmann
 
PDF
SAML Protocol Overview
byMike Schwartz
 
PDF
Single sign on using SAML
byProgramming Talents
 
PDF
SAML and Liferay
byMika Koivisto
 
PPTX
Saml vs Oauth : Which one should I use?
byAnil Saldanha
 
PPTX
Saml sso by Tamil on nullblrmeet 21st July 2015
byn|u - The Open Security Community
 
PDF
Introduction to SAML
byClément OUDOT
 
PDF
Introducing SAML 2.0 Protocol: Security and Performance
byAmin Saqi
 
IdP, SAML, OAuth
byDan Brinkmann
 
SAML Protocol Overview
byMike Schwartz
 
Single sign on using SAML
byProgramming Talents
 
SAML and Liferay
byMika Koivisto
 
Saml vs Oauth : Which one should I use?
byAnil Saldanha
 
Saml sso by Tamil on nullblrmeet 21st July 2015
byn|u - The Open Security Community
 
Introduction to SAML
byClément OUDOT
 
Introducing SAML 2.0 Protocol: Security and Performance
byAmin Saqi
 

What's hot

PDF
Introduction to SAML 2.0
byMika Koivisto
 
PDF
Single Sign-On Best Practices
bySalesforce Developers
 
PDF
Iam f42 a
bySelectedPresentations
 
PDF
Alfresco: Implementing secure single sign on (SSO) with OpenSAML
byJ V
 
PDF
SAML 101
byEchoworx
 
PPT
Ad fs
byIván Sanchez Vera
 
PPT
Presentation sso design_security
byMarco Morana
 
PDF
Simplifying The S's: Single Sign-On, SPNEGO and SAML
byGabriella Davis
 
PDF
SAML and Other Types of Federation for Your Enterprise
byDenis Gundarev
 
PPTX
LASCON 2017: SAML v. OpenID v. Oauth
byMike Schwartz
 
PDF
Federation Services
byVicente Rodriguez Eguibar
 
PPTX
IBM Single Sign-On
byVan Staub, MBA
 
PDF
Our road to Single Sign-On, DocPlanner
byTomasz Wójcik
 
PPTX
Server to Server API Security
byGanesh Ghag
 
PPTX
DD109 Claims Based AuthN in SharePoint 2010
bySpencer Harbar
 
PPTX
Active Directory Single Sign-On with IBM
byVan Staub, MBA
 
PPTX
2. Day 2 - Identify and SSO
byHuy Pham
 
PPTX
Session 3c The SF SaaS Framework
byCode Mastery
 
PPTX
SSO IN/With Drupal and Identitiy Management
byManish Harsh
 
PPT
SSO Strategy Implementation Considerations
byJohn Bauer
 
Introduction to SAML 2.0
byMika Koivisto
 
Single Sign-On Best Practices
bySalesforce Developers
 
Iam f42 a
bySelectedPresentations
 
Alfresco: Implementing secure single sign on (SSO) with OpenSAML
byJ V
 
SAML 101
byEchoworx
 
Ad fs
byIván Sanchez Vera
 
Presentation sso design_security
byMarco Morana
 
Simplifying The S's: Single Sign-On, SPNEGO and SAML
byGabriella Davis
 
SAML and Other Types of Federation for Your Enterprise
byDenis Gundarev
 
LASCON 2017: SAML v. OpenID v. Oauth
byMike Schwartz
 
Federation Services
byVicente Rodriguez Eguibar
 
IBM Single Sign-On
byVan Staub, MBA
 
Our road to Single Sign-On, DocPlanner
byTomasz Wójcik
 
Server to Server API Security
byGanesh Ghag
 
DD109 Claims Based AuthN in SharePoint 2010
bySpencer Harbar
 
Active Directory Single Sign-On with IBM
byVan Staub, MBA
 
2. Day 2 - Identify and SSO
byHuy Pham
 
Session 3c The SF SaaS Framework
byCode Mastery
 
SSO IN/With Drupal and Identitiy Management
byManish Harsh
 
SSO Strategy Implementation Considerations
byJohn Bauer
 

Viewers also liked

PDF
SAML / OpenID Connect / OAuth / SCIM 技術解説 - ID&IT 2014 #idit2014
byNov Matake
 
PDF
AEM GEMS Session SAML authentication in AEM
byAdobeMarketingCloud
 
PPTX
Single Sign On 101
byMike Schwartz
 
PDF
White Paper: Saml as an SSO Standard for Customer Identity Management
byGigya
 
PPTX
Single sign on
byRob Fitzgibbon
 
PDF
Adobe Experience Manager (AEM) - Multilingual SIG on SEO - Dave Lloyd
byDave Lloyd
 
PDF
LDAP, SAML and Hue
bygethue
 
PDF
Integrating SAP the Java EE Way - JBoss One Day talk 2012
byhwilming
 
PDF
Enterprise Single Sign-On - SSO
byOliver Mueller
 
PPT
Connecting IMS LTI and SAML (Draft)
byCharles Severance
 
PPTX
Sap java connector / Hybris RFC
byMonsif Elaissoussi
 
PPTX
Interoperability - LTI and Experience API (Formerly TinCan)
byNine Lanterns
 
PPTX
E Tmf Tutorial
byrammellel
 
PDF
Peeples authentication authorization_services_with_saml_xacml_with_jboss_eap6
byKenneth Peeples
 
PDF
RMLL 2013 - The SAML Protocol: Single Sign On for skilled people
byClément OUDOT
 
DOCX
235470379 rfc-destination-sap-srm
byManish Nangalia
 
SAML / OpenID Connect / OAuth / SCIM 技術解説 - ID&IT 2014 #idit2014
byNov Matake
 
AEM GEMS Session SAML authentication in AEM
byAdobeMarketingCloud
 
Single Sign On 101
byMike Schwartz
 
White Paper: Saml as an SSO Standard for Customer Identity Management
byGigya
 
Single sign on
byRob Fitzgibbon
 
Adobe Experience Manager (AEM) - Multilingual SIG on SEO - Dave Lloyd
byDave Lloyd
 
LDAP, SAML and Hue
bygethue
 
Integrating SAP the Java EE Way - JBoss One Day talk 2012
byhwilming
 
Enterprise Single Sign-On - SSO
byOliver Mueller
 
Connecting IMS LTI and SAML (Draft)
byCharles Severance
 
Sap java connector / Hybris RFC
byMonsif Elaissoussi
 
Interoperability - LTI and Experience API (Formerly TinCan)
byNine Lanterns
 
E Tmf Tutorial
byrammellel
 
Peeples authentication authorization_services_with_saml_xacml_with_jboss_eap6
byKenneth Peeples
 
RMLL 2013 - The SAML Protocol: Single Sign On for skilled people
byClément OUDOT
 
235470379 rfc-destination-sap-srm
byManish Nangalia
 

Similar to SAML Smackdown

PDF
"Securing SSO Authentication: Strategies to eliminate vulnerabilities", Oleh ...
byFwdays
 
PDF
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
byVinay Manglani
 
PPTX
Understanding SAML 2.0: Enhancing Secure Authentication
byNarendra Kadali
 
PPTX
Introduction to SAML and how to create it by JoeSelian.pptx
byimcheaterid
 
PDF
SAML V2.0 Basics - Security Assertion Markup Language
bytomatkins
 
PDF
Introduction to SAML & OIDC
byForgeRock Identity Tech Talks
 
PDF
SAML
byLéopold Gault
 
ODP
Shibboleth Guided Tour Webinar
byJohn Lewis
 
PDF
SSO with the WSO2 Identity Server
byWSO2
 
PDF
CIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-On
byCloudIDSummit
 
PPTX
Help! I Have An Identity Crisis: A look at various mechanisms of Single Sign On
bySaloni Shah
 
PPTX
Taking Identity from the Enterprise to the Cloud
byPat Patterson
 
PPT
Identity 2.0 and User-Centric Identity
byOliver Pfaff
 
PDF
Office 365 identity
byMotty Ben Atia
 
PDF
SAML Executive Overview
byPortalGuard
 
PPTX
Ladies Be Architects - Study Group III: OAuth 2.0 (Ep 1)
bygemziebeth
 
PDF
dist-access. access control in distributed systemspdf
byNohaNagy5
 
PDF
Identity mediation for enterprise identity bus
byPushpalanka Jayawardhana
 
PDF
Sso with the wso2 identity server
bysureshattanayake
 
PDF
Wp saml v2_rs_3_24_2015
byElaine Sun
 
"Securing SSO Authentication: Strategies to eliminate vulnerabilities", Oleh ...
byFwdays
 
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
byVinay Manglani
 
Understanding SAML 2.0: Enhancing Secure Authentication
byNarendra Kadali
 
Introduction to SAML and how to create it by JoeSelian.pptx
byimcheaterid
 
SAML V2.0 Basics - Security Assertion Markup Language
bytomatkins
 
Introduction to SAML & OIDC
byForgeRock Identity Tech Talks
 
SAML
byLéopold Gault
 
Shibboleth Guided Tour Webinar
byJohn Lewis
 
SSO with the WSO2 Identity Server
byWSO2
 
CIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-On
byCloudIDSummit
 
Help! I Have An Identity Crisis: A look at various mechanisms of Single Sign On
bySaloni Shah
 
Taking Identity from the Enterprise to the Cloud
byPat Patterson
 
Identity 2.0 and User-Centric Identity
byOliver Pfaff
 
Office 365 identity
byMotty Ben Atia
 
SAML Executive Overview
byPortalGuard
 
Ladies Be Architects - Study Group III: OAuth 2.0 (Ep 1)
bygemziebeth
 
dist-access. access control in distributed systemspdf
byNohaNagy5
 
Identity mediation for enterprise identity bus
byPushpalanka Jayawardhana
 
Sso with the wso2 identity server
bysureshattanayake
 
Wp saml v2_rs_3_24_2015
byElaine Sun
 

More from Pat Patterson

PPTX
Provisioning IDaaS - Using SCIM to Enable Cloud Identity
byPat Patterson
 
PPTX
Project Ouroboros: Using StreamSets Data Collector to Help Manage the StreamS...
byPat Patterson
 
PPTX
OData: A Standard API for Data Access
byPat Patterson
 
PPTX
Ingest and Stream Processing - What will you choose?
byPat Patterson
 
PPTX
Dealing With Drift - Building an Enterprise Data Lake
byPat Patterson
 
PPTX
All Aboard the Boxcar! Going Beyond the Basics of REST
byPat Patterson
 
PPTX
Open Source Big Data Ingestion - Without the Heartburn!
byPat Patterson
 
PPTX
Efficient Schemas in Motion with Kafka and Schema Registry
byPat Patterson
 
PPTX
How Imprivata Combines External Data Sources for Business Insights
byPat Patterson
 
PPTX
Building Data Pipelines with Spark and StreamSets
byPat Patterson
 
PPTX
Enterprise IoT: Data in Context
byPat Patterson
 
PDF
Building Custom Big Data Integrations
byPat Patterson
 
PPTX
OData: Universal Data Solvent or Clunky Enterprise Goo? (GlueCon 2015)
byPat Patterson
 
PPTX
Integrating with Einstein Analytics
byPat Patterson
 
PPTX
API-Driven Relationships: Building The Trans-Internet Express of the Future
byPat Patterson
 
PPTX
Data Integration with Apache Kafka: What, Why, How
byPat Patterson
 
PPTX
Dealing with Drift: Building an Enterprise Data Lake
byPat Patterson
 
PPTX
DevOps from the Provider Perspective
byPat Patterson
 
PPTX
Ingest and Stream Processing - What will you choose?
byPat Patterson
 
PPTX
Adaptive Data Cleansing with StreamSets and Cassandra
byPat Patterson
 
Provisioning IDaaS - Using SCIM to Enable Cloud Identity
byPat Patterson
 
Project Ouroboros: Using StreamSets Data Collector to Help Manage the StreamS...
byPat Patterson
 
OData: A Standard API for Data Access
byPat Patterson
 
Ingest and Stream Processing - What will you choose?
byPat Patterson
 
Dealing With Drift - Building an Enterprise Data Lake
byPat Patterson
 
All Aboard the Boxcar! Going Beyond the Basics of REST
byPat Patterson
 
Open Source Big Data Ingestion - Without the Heartburn!
byPat Patterson
 
Efficient Schemas in Motion with Kafka and Schema Registry
byPat Patterson
 
How Imprivata Combines External Data Sources for Business Insights
byPat Patterson
 
Building Data Pipelines with Spark and StreamSets
byPat Patterson
 
Enterprise IoT: Data in Context
byPat Patterson
 
Building Custom Big Data Integrations
byPat Patterson
 
OData: Universal Data Solvent or Clunky Enterprise Goo? (GlueCon 2015)
byPat Patterson
 
Integrating with Einstein Analytics
byPat Patterson
 
API-Driven Relationships: Building The Trans-Internet Express of the Future
byPat Patterson
 
Data Integration with Apache Kafka: What, Why, How
byPat Patterson
 
Dealing with Drift: Building an Enterprise Data Lake
byPat Patterson
 
DevOps from the Provider Perspective
byPat Patterson
 
Ingest and Stream Processing - What will you choose?
byPat Patterson
 
Adaptive Data Cleansing with StreamSets and Cassandra
byPat Patterson
 

Recently uploaded

PDF
Building Software in the AI Era: Spec-Driven Development with Kiro IDE
byHaim Michael
 
PDF
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
PDF
Louisville User Group: Transforming Technical Debt into Technical Wealth
byLynda Kane
 
PDF
oracle_apex_tamil_export_an_application.pdf
byUthamaselvan M
 
PPTX
Unit 1 Introduction of Computer Networks
bySuvarnaSharma5
 
PDF
The Cost of Missing Critical Connections in Data - Suspicious Behavior Detect...
byEnterprise Knowledge
 
PDF
SEO in Charleston SC | Local SEO Strategies to Grow Your Business.pdf
bycustomdigitalsolutio1
 
PPTX
DATALIVA-Presentation-EN_2026 Budgeting SAP Odoo ERP
byMustafa Kuğu
 
PDF
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
DOCX
Quercus semecarpifolia is widely recognized as a keystone species in alpine a...
byMadan Bhandari university and St. Xavier's college , Maitighar
 
PPTX
Sensors-and-Actuators-in-IoT-Systems.pptx
byMuhammedNihal54
 
PDF
The Rise of AI Fashion Tools and Innovations in 2026
bymockitseo
 
PDF
Azure Identity, Governance, and Monitoring solutions
byVICTOR MAESTRE RAMIREZ
 
PDF
Beyond BBB: Practical Alternatives to Posterior Approximation in Bayesian Neu...
byTomasz Kusmierczyk
 
PDF
Taxonomy Principles to Support Knowledge Management at a Not-for-Profit
byEnterprise Knowledge
 
PDF
threat-hunters-cookbook for cybersecurity
bylobster6719
 
PPTX
Lecture 04. about Black heads and Hackerss.pptx
byvinocol222
 
PPTX
ICT Entrepreneur Quiz for grade 7...........
bykayramos6
 
PDF
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
PDF
splunk-peak-threat-hunting-framework.pdf
bylobster6719
 
Building Software in the AI Era: Spec-Driven Development with Kiro IDE
byHaim Michael
 
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
Louisville User Group: Transforming Technical Debt into Technical Wealth
byLynda Kane
 
oracle_apex_tamil_export_an_application.pdf
byUthamaselvan M
 
Unit 1 Introduction of Computer Networks
bySuvarnaSharma5
 
The Cost of Missing Critical Connections in Data - Suspicious Behavior Detect...
byEnterprise Knowledge
 
SEO in Charleston SC | Local SEO Strategies to Grow Your Business.pdf
bycustomdigitalsolutio1
 
DATALIVA-Presentation-EN_2026 Budgeting SAP Odoo ERP
byMustafa Kuğu
 
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
Quercus semecarpifolia is widely recognized as a keystone species in alpine a...
byMadan Bhandari university and St. Xavier's college , Maitighar
 
Sensors-and-Actuators-in-IoT-Systems.pptx
byMuhammedNihal54
 
The Rise of AI Fashion Tools and Innovations in 2026
bymockitseo
 
Azure Identity, Governance, and Monitoring solutions
byVICTOR MAESTRE RAMIREZ
 
Beyond BBB: Practical Alternatives to Posterior Approximation in Bayesian Neu...
byTomasz Kusmierczyk
 
Taxonomy Principles to Support Knowledge Management at a Not-for-Profit
byEnterprise Knowledge
 
threat-hunters-cookbook for cybersecurity
bylobster6719
 
Lecture 04. about Black heads and Hackerss.pptx
byvinocol222
 
ICT Entrepreneur Quiz for grade 7...........
bykayramos6
 
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
splunk-peak-threat-hunting-framework.pdf
bylobster6719
 

SAML Smackdown

  • 1.
    SAML 2.0 The UniversalIdentity Solvent Pat Patterson Principal Developer Evangelist salesforce.com
  • 2.
    SAML 2.0 Standardized byOASIS, March 2005 Widely supported – Google Apps since October 2006 – salesforce.com since Winter ’09 (October 2008) – Microsoft Active Directory Federation Services (AD FS) since version 2.0 (May 2010) – Your favorite service provider!
  • 3.
    SAML Providers Service Provider –Providessome service/resource to user –Trusts identity provider to authenticate user Identity Provider –User logs in here –Creates SAML Assertion
  • 4.
    social automate administer trust Bring your ownIdentity single sign-on and user management secure single sign-on and social apps centralized access management, provisioning and reporting
  • 5.
    Authenticate SAML 2.0 Protocol Browser IdentityProvider Service Provider GET /something HTTP/1.1 302 Found Location: http://idp.ex.com/saml?SAMLrequest=hf7893b… &RelayState=HKFDhh383 GET http://idp.ex.com/saml?SAMLrequest=hf78 93b…&RelayState=HKFDhh383 200 OK SAML Assertion in HTML FORM POST /acs SAML Assertion HTTP/1.1 302 Found Location: http://sp.ex.net/something Set-Cookie: token=value; Domain=.ex.net
  • 6.
    More than justSingle Sign-On! <Assertion> <Issuer/> <Signature/> <Subject/> <Conditions/> <AttributeStatement> <Attribute Name=”JobCode”> <AttributeValue> 12345678 </AttributeValue> </Attribute> <!-- Can send any number of additional attributes --> </AttributeStatement> <AuthnStatement/> </Assertion>
  • 7.
    Can even provisionidentities! Just-in-time Provisioning – Service Provider creates account if one does not already exist, gives user immediate access – Service Provider updates account details with each SSO – Sweet spot: large pool of potential users, small number of actual users
  • 8.
    SAML is Multi-Purpose! •Single Sign-On • Provisioning • Synchronization • But that’s not all!
  • 9.
    Embedded SAML • Loosecoupling between identity protocols allows us to use SAML in an OAuth flow My Company Inc
  • 10.
  • 11.
    Other Protocols inSAML • ‘Authenticate’ user step can be anything • Username/password (ugh!) still most common • Any web-based interaction – e.g. two factor • Wrap any protocol in HTTP – e.g. Kerberos -> SPNEGO
  • 12.
  • 13.
    So SAML isComposable But wait… That’s still not all!!!
  • 14.
    The SAML Assertionis a Universal Identity Solvent! Even competing federation protocols use SAML Assertion as a token format!
  • 15.
    Token Exchange • AuthorizationServices can function as RESTfulSTS’s(remember those?) • Client app obtains SAML Assertion from enterprise IAM infrastructure • Authorization Service verifies Assertion, issues token for API access • Client app is off to the races
  • 16.
    Bridging to theBrave New World IETF Draft: SAML 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants
  • 17.
    SAML -> OAuth-> Any API! Enterprise apps get to play – OpenID Connect – SCIM – Cloud Services – Whatever you want
  • 18.
    SAML and XACML •SAML 2.0 Profile for XACML • SAML as transport for XACML attributes
  • 19.
    So wait… Not onlycan SAML do SSO and provisioning… It can also interoperate with ALL of the other identity protocols on stage?

Editor's Notes

  • #5 But Salesforce Identity doesn’t just make our user’s lives simpler. Salesforce Identity delivers the same ease of deploying and managing force.com applications to any app.Now, Admins can use their most trusted cloud to centrally control access to any of their apps. Simply setup your app, assign permissions, and with single click you can make it available to the users that need access. Let’s take a look at the major piecesSingle Sign-OnUsers sign in once to salesforce, and gain one click access to applications. The Identity enabled Chatter feed allows deeply integrated applications to push important information to the user, or even access the app directly from the feedIdentity &amp; Access ManagementAdministrators centrally manage access to applications, be those web, mobile or tablet. Management of users across applications and clouds is automated through highly flexible provisioning workflows. When users leave your company, you’re assured they’re properly removed with automated de-provisioning.Centralized ReportingGain transparency, insight, and piece of mind with centralized reports over user authentication, access, utilization, and de-provisioningEnterprise Directory IntegrationAnd, if you want to leverage your existing systems like Active Directory, we have best of breed integration capabilities built on open standards