Authentication: SSO, SAML, and Ingest Authentication

Ensure the security of your Kloudfuse clusters through SSO, SAML, and Ingestion Authentication.

SAML

SAML is an acronym for Security Assertion Markup Language; it enables users to access multiple applications with one set of credentials. SAML is an interoperable standard that allows different systems and devices to work together.

How SAML works

  1. An identity provider (IdP) authenticates a user.

  2. The IdP passes an authentication token to a service provider (SP).

  3. The SP operates without performing its own authentication.

  4. The SP passes the user’s identity to integrate internal and external users.

SSO

SSO is an acronym Single Sign-On, an authentication plan that enables you to use a single set of login credentials (such as username and password) to access any independent or federated software system. SAML supports SSO as it enables federated identity management.

How SSO works

  1. A user logs in to an application.

  2. They are automatically signed in to other connected applications.

    This makes it easier for users to manage multiple usernames and passwords.

See the following documentation:

Ingest Authentication

Ingest Authentication prevents unauthorized access to data ingestion points, and ensures that only trusted sources can send data. It is the process of verifying the identity of a source trying to send data into a system like the Kloudfuse platform. It uses a unique token or credential specifically designed for data ingestion to ensure that only authorized sources can send data to that system. It is a security measure to control who can "feed" data into a platform.

See Ingestion Authentication, Ingestion Authentication with API Key, and Ingestion Authentication with OAuth2 Credential Token.