Chapter 1. Single sign-on in JBoss EAP


Single sign-on (SSO) is a process of authenticating identities for multiple clients from a central identity provider. For example, a user needs only one set of login credentials to log in to different applications that use the same SSO provider.

JBoss EAP supports the following SSO protocols:

OpenID Connect (OIDC)
OpenID Connect is an authentication protocol based on the OAuth 2.0 framework of specifications specified in RFC 6749 and RFC 6750.
Security Assertion Mark-up Language v2 (SAML v2)
SAML is a data format and protocol that enables the exchange of authentication and authorization information between two parties, typically an identity provider and a service provider. This information is exchanged in the form of SAML tokens that contain assertions, and are issued by Identity Providers to subjects for authenticating with Service Providers. Subjects can reuse SAML tokens issued by an identity provider with multiple service providers, supporting browser-based Single Sign-On in SAML v2.

You can use SSO to secure applications deployed on JBoss EAP running on bare metal as well as JBoss EAP running on Red Hat OpenShift Container Platform. For information about securing applications deployed on JBoss EAP running on Red Hat OpenShift Container Platform with SSO, see the Using JBoss EAP on OpenShift Container Platform.

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.