Skip to main content

A Guide to Authentication Services in IBM Security Access Manager for Enterprise Single Sign-On

An IBM Redpaper publication


Published on 16 February 2012

  1. .EPUB (1.2 MB)
  2. .PDF (0.7 MB)

Share this page:   

IBM Form #: REDP-4835-00

Authors: Axel Buecker, Kenny Chow and Jenny Wong

    menu icon


    IBM® Security Access Manager for Enterprise Single Sign-On introduces a new level of security, authentication, and automation experience to business enterprise users on their desktop applications. On a day-to-day basis, the number of resources or applications that a business user accesses varies and is inevitably increasing. Applications that a user employs during normal daily activities might require a range of elements to authenticate or verify the user’s identity before granting access to corporate information. The classic authentication approach is the unique user name and password combination. Each desktop application might require its own unique set of user name and password credentials. The challenge that users are faced with is the need to remember each and every set of unique credentials for different applications. Access Manager for Enterprise Single Sign-On offers users an experience that eliminates the need to remember and manage multiple sets of user names and passwords. Through the ease of AccessProfiles, this solution is able to capture and manage credential information for a range of supported application types. Not only does this increase user efficiency by making daily activities more convenient, but, very importantly, it efficiently decreases costs for business organizations to address password management issues, supports the need to manage business risks, and ensures that sufficient security and regulatory compliance are in place.

    Access Manager for Enterprise Single Sign-On offers efficient sign-on solutions and automation of workflow for existing applications as they are. No modifications are required to the existing targeted systems, platforms, or applications where the product is deployed. Consequently, the format of user name and password logon information can differ between applications. Access Manager for Enterprise Single Sign-On uses the concept of authentication services to represent and map to the different formats used. In some cases, AccessProfiles require specific engineering to accommodate complex application credential structures and authentication logic.

    This IBM Redpaper™ publication explains the fundamentals of authentication services; how they can be deployed and associated with desktop applications; and highlights best practices regarding how authentication services should be utilized to achieve successful automation workflow and single sign-on.

    Table of Contents

    Authentication services concepts

    Building blocks of an AccessProfile

    Enterprise and personal authentication service

    Direct and indirect authentication services

    Authentication service group and links

    Server locators

    Best practices and use-case scenarios

    Code snippets for common tasks


    Others who read this also read