# Release notes 3.3
Thuesday, December 10, 2019
# SAML 2.0 - Authentication Provider
SAML (Security Assertion Markup Language) is a standard protocol for integrating web-based systems with an Identity and Access Management system.
The SAML 2.0 – Authentication Provider enables external systems to access the 4ALLPORTAL via one or several identity providers. The 4ALLPORTAL acts as a service provider that supports several identity providers. Examples of external systems include user logins to the Windows Active Directory and a customer-specific CMS system that supports SAML.
Depending on the provider’s functions, reliable authentication using a central login for the 4ALLPORTAL is possible, consisting of the username and password. Further login methods – e.g., Windows Authentication with Single Sign On – are possible depending on the identity provider. For security reasons, communication between the 4ALLPORTAL and the service and identity provider always takes place via the HTTPS protocol.
Implementation tested with the following identity providers:
- Microsoft Active Directory Federation Services (AD FS)
- Microsoft Azure Active Directory
- Keycloak
- SSOCircle
Login options
Users can log into the system either with a central login via an authentication provider or as a 4ALLPORTAL user who is registered directly in the system’s User Management. To this end, there is a choice available on the login screen between a link button to be routed to the authentication provider or manual input of username and password.
Technical prerequisites for use:
- Configuration of the identity provider in the 4ALLPORTAL
- Installation of the 4APP Authentication Base
# How to get these improvements
- Upgrade the 4App Authentication Provider SAML (
4allportal-authentication-provider-saml) to version 3.3.x - Licensing the 4App Authentication Provider SAML