You want to make it as easy as possible for your entrants to log into your awards program. But what options are out there? And, how can Award Force help?
One of the options available through Award Force is called SAML, which stands for Security Assertion Markup Language. But what does it mean? What does it do?
What is SAML?
SAML provides a standard for authentication between two platforms.
In simple terms, this means if you have an account on one platform you can sign into another completely different platform using your identity from the first platform. This obviates the need to create a new account because users can use an already existing account.
What are the advantages of SAML?
There are several time-saving advantages to using SAML. Your participants will not be required to:
- Complete a registration form
- Type in login credentials
- Manage another complex password
How does SAML work?
The platform the user originates from is called the identity provider. This is often a corporate identity management system such as Microsoft AD FS or OneLogin. The second platform – in our case, Award Force– is the service provider.
The identity provider does the background work – checking usernames and passwords, while the service provider simply provides the service without having to validate the user’s identity. It instead trusts the identity provider to do its job.
It’s a lot like checking into a hotel. At the hotel reception, you hand over your credit card and provide identification like a passport or driver’s licence. Once you’ve checked in you can charge expenses throughout the hotel to your room, such as visiting the gym or eating at the restaurant. The gym and restaurant don’t need to see your credit card and driver’s licence because the hotel reception already did that and confirmed your identity. The restaurant and the gym trust that the hotel reception did a good job in their identity checking. In this example the hotel reception is the identity provider and the restaurant is the service provider.
SAML in Award Force
When a user signs into Award Force using SAML, our platform will check what’s known as the SAML assertion to make sure the user is coming from a trusted source. If Award Force is satisfied that the identity provider has done its job, the login is allowed.
Award Force will also look at the assertion to identify the user and make sure they’re logged into the correct account. This is a bit like the hotel restaurant charging the correct room for dinner in our previous analogy. The user won’t see any of this back-and-forth between the identity provider and the service provider. For the user, it’s a seamless and simple process of clicking a button.
How to set up SAML in Award Force
To set up SAML on an Award Force account you’ll need three things:
- Issuer URL – this is a unique web address from the identity provider
- Single sign-on service URL – this is the web address where the authentication process is initiate
- X.509 certificate – this is what validates the identity provider so we can be sure it is a trusted source
You’ll need to get this information from your system for input into Award Force.
Once SAML is set up your users will be able to click a button to log in instantly. You can also provide a login link directly from the identity provider platform and bypass the Award Force login page completely.
SAML – a seamless experience
With SAML, your users will be able to sign on quickly and easily and avoid both re-registration and login on Award Force. Leave the busy work to the providers in the background, and provide your awards community a seamless experience from the very first click.