When a company is quite large and many different applications used by employees. But while those applications are mostly completely different, how to make it possible to not force users to enter credentials as many times as many applications they would like to use. The best way is to use SSO, so, it will be possible to have a portal, where users could launch any application used in a company. There are many different ways how to give access to your application by using the SSO mechanism, and some of them are:
- OAuth2
- Kerberos
- SAML
InterSystems already supports OAuth2 and can be quite easily deal with Kerberos. But I would like to discuss about using SAML (Security Assertion Markup Language).