Integrating Single Sign-On with Mitel Administration

CloudLink supports integration with third-party Single Sign-On (SSO), enabling users to access multiple applications with a single set of login credentials. SSO reduces the need for multiple logins, promoting efficient and seamless navigation across various platforms.

CloudLink supports Identity Provider (IdP) integration using the Security Assertion Markup Language (SAML) 2.0 protocol, enabling users to utilize their current identity management systems with enhanced security and interoperability provided by SAML 2.0.

Microsoft's cloud-based identity service, Azure Active Directory (Azure AD), provides authentication and authorization for users, devices, and applications.

Outlook 365 integrates cloud-based email, calendar, and collaboration services, ensuring seamless integration with Azure AD for secure user identity management.

[Figure: SSO diagram (ssodiagram.jpg)]

The user accesses the CloudLink application on their mobile device or web browser and the application loads. The application generates metadata and redirects the user to the CloudLink platform.

The CloudLink Auth Portal validates the application metadata and forwards the authentication request to the CloudLink Authentication microservice.

The CloudLink Authentication microservice initiates the SAML authentication request to the configured identity provider.

Either the user already has an active session with the Identity Provider, or a new session is created when the user logs in to the Identity Provider. The IdP may enforce Multi-Factor Authentication depending on its configuration.

The CloudLink Platform validates the response using the associated X.509 certificate.

The authenticated user is granted access to CloudLink and redirected back to the application with an authentication code.

The application then exchanges the authentication code for a token and completes its initialization.
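The following added example, which is not Mitel's or CloudLink's code, walks the SAML portion of the flow above in generic SAML 2.0 terms, assuming the HTTP-Redirect binding: it builds the authentication request and runs the checks a service provider makes on the IdP response in addition to verifying its signature with the X.509 certificate (signature verification itself belongs to an XML signature library and is not shown). The endpoint URLs, function names and the unsigned sample response are assumptions constructed for the example.

```python
import base64, uuid, zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone
from urllib.parse import urlencode

P, A = "urn:oasis:names:tc:SAML:2.0:protocol", "urn:oasis:names:tc:SAML:2.0:assertion"
NSDECL = f'xmlns:samlp="{P}" xmlns:saml="{A}"'
# Hypothetical placeholder endpoints, not real CloudLink or IdP URLs.
SP_ENTITY, ACS_URL = "https://sp.example.test/saml", "https://sp.example.test/saml/acs"
IDP_SSO = "https://idp.example.test/sso"
FMT = "%Y-%m-%dT%H:%M:%SZ"  # whole seconds only; other timestamp forms fail closed

def build_redirect(now):
    """AuthnRequest for the HTTP-Redirect binding: raw DEFLATE, base64, URL-encode."""
    req_id = "_" + uuid.uuid4().hex  # remembered by the SP until the response arrives
    xml = (f'<samlp:AuthnRequest {NSDECL} ID="{req_id}" Version="2.0" '
           f'IssueInstant="{now.strftime(FMT)}" AssertionConsumerServiceURL="{ACS_URL}">'
           f'<saml:Issuer>{SP_ENTITY}</saml:Issuer></samlp:AuthnRequest>')
    deflater = zlib.compressobj(wbits=-15)
    raw = deflater.compress(xml.encode()) + deflater.flush()
    return req_id, IDP_SSO + "?" + urlencode({"SAMLRequest": base64.b64encode(raw).decode()})

def check_response(resp_xml, pending_id, now):
    """Checks made in addition to signature verification; returns the failed checks."""
    root = ET.fromstring(resp_xml)  # constructed input; use a hardened XML parser in production
    bad = [name for name, want in (("InResponseTo", pending_id), ("Destination", ACS_URL))
           if root.get(name) != want]
    cond = root.find(f".//{{{A}}}Conditions")
    if cond is None:
        return bad + ["Conditions"]
    try:
        start, end = (datetime.strptime(cond.get(k, ""), FMT).replace(tzinfo=timezone.utc)
                      for k in ("NotBefore", "NotOnOrAfter"))
        if not start <= now < end:
            bad.append("validity window")
    except ValueError:
        bad.append("validity window")
    if SP_ENTITY not in [a.text for a in cond.iter(f"{{{A}}}Audience")]:
        bad.append("Audience")
    return bad

def sample_response(in_response_to, now, audience=SP_ENTITY):
    """Constructed, unsigned response used only to exercise the checks above."""
    nb, na = ((now + timedelta(minutes=m)).strftime(FMT) for m in (-1, 5))
    return (f'<samlp:Response {NSDECL} InResponseTo="{in_response_to}" Destination="{ACS_URL}">'
            f'<saml:Assertion><saml:Conditions NotBefore="{nb}" NotOnOrAfter="{na}">'
            f'<saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience>'
            f'</saml:AudienceRestriction></saml:Conditions></saml:Assertion></samlp:Response>')
```

A response that fails any of these checks should be rejected even when its signature is valid, because a valid signature alone does not tie the response to this request, this service provider, or the current time.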

The following topics provide information on how to integrate a CloudLink account with the supported third-party applications.