Translations:SSO (версия для системного администратора)/8/en
Материал из SmartPlayer
Operating Principle
| From the user side | From the server side |
|---|---|
| The user enters the authentication page and clicks the login via SSO button | Smartplayer frontend sends a redirect request to the backend |
| The user is transferred to the authentication page of his company | The SmartPlayer backend generates a request to the client's ADFS server and redirects the user to the company's authentication page using the SAML protocol |
| The user fills in personal data (login and password) on the authentication page of his company | The client server collects data and parameters for the response |
| The user is transferred to the SmartPlayer personal account | The client server again sends a response to the SmartPlayer server using SAML. The SmartPlayer server decrypts the received data and logs in the user. |
| The user can use all the functionality of the SmartPlayer platform depending on his role: user or administrator. This is configured on the client side in the ADFS server | After logging in, the SmartPlayer server saves data and settings about the user in its database |
It's possible to make an auto-log at the authentication stage. In this case, the user requested mandatory login at the beginning of each session.
Rights Allocation
g_smartplayer_admins: 'adminBrand', in fact g_smartplayer_admins = 'adminBrand'= administrator rights
g_smartplayer_manager: 'userBrand', in fact g_smartplayer_manager = 'userBrand' = user rights
