This statement is TRUE and represents the standard architecture for Federated Single Sign-On. In the context of SAML (Security Assertion Markup Language), Archer acts as the Service Provider (SP) , which is the application the user wants to access. The Identity Provider (IdP) , such as Okta, PingFederate, or Azure AD, is the system that holds the user's credentials and performs the actual authentication.
As detailed in the Archer installation and security guides, when a user attempts to log into Archer via SAML, Archer sends an authentication request to the IdP. The IdP authenticates the user and sends a "SAML Assertion" (a signed digital token) back to Archer. Archer then validates this token and allows the user access without them ever having to type their password directly into the Archer interface. This workflow is a cornerstone of modern enterprise security, allowing for centralized identity management and the enforcement of Multi-Factor Authentication (MFA) at the IdP level.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit