Federated Single Sign-On
Federated Single Sign-On integrates TPM with the user's organization's IDP (Identity Provider) solution so that users may log in to TPM with their own organization login credentials, rather than maintaining a separate username and password specific to the TPM application.
When a federated user starts to log in to TPM, they are redirected to their organization's IDP for authentication (username, password). The IDP then sends a SAML response to the Textura SSO service (SP) indicating that the user is authenticated, along with the username / email. A trust relationship (Relying Party Trust) is set up beforehand between the SP and the IDP so the two systems can cooperate. The SP then creates a user session in TPM and redirects the user to TPM with the new session.
NOTE: TPM does not see or have access to the user's password. That is known only to the IDP.
Last Published Tuesday, May 7, 2024