A company needs to provide employee access to travel services, which are hosted by a third-party service provider. Employee experience is important, and when users are already authenticated, access to the travel portal is seamless. Which of the following methods is used to share information and grant user access to the travel portal?
Single sign-on (SSO) access is a system that allows users to authenticate once and gain access to multiple systems without having to log in again for each service. This method is ideal for providing seamless user experiences, particularly for scenarios where employees need access to multiple services, including those hosted by third-party providers. SSO integrates with an identity management system to authenticate users and manage their sessions efficiently, ensuring that once a user is authenticated, they can move between services without encountering additional login prompts.
With the phrase 'hosted by a third-party service provider' send me towards D
D is correct
Federated. it's a form of sso
which are hosted by a "third-party service provider", those are the keywords.
If it were only federated that wouldn't provide the required employee experience, but SSO does. It may also be federated to have SSO work, but SSO is what is causing the experience. Federation without SSO would have the user logging into each portion again even if it were the same federated ID.
Single sign-on (SSO) is typically used to provide seamless access to multiple applications within a single organization. However, SSO can also be used to provide seamless access to third-party services hosted by other organizations. In the case of the company needing to provide employee access to a travel portal hosted by a third-party service provider, SSO can be used to provide seamless access to that service. This can be achieved by integrating the third-party service with the organization's identity and access management (IAM) system, which would allow users to access the travel portal using their existing credentials. The integration of the third-party service with the organization's IAM system can be achieved using various protocols, such as Security Assertion Markup Language (SAML) or Open Authorization (OAuth), which are commonly used for SSO. Therefore, while SSO is typically used within a single organization, it can also be used to provide seamless access to third-party services hosted by other organizations, such as the travel portal in this case.
I prefer SSO
Your preference doesn't change what the answer actually is.
No such thing as SSO access or SAML access (wrong terminology)
Federated access or Federated identity is a form of single sign-on that allows users to use a single credential to authentice across multiple organization's systems and websites.
OK so I wouldn't put a third party app on the SSO even if it was for convenience. Federated access is possible since employees have the convenience on hoping on that link without verifying their identify.
A. Single sign-on (SSO) access is the best choice here.........................D.Federated Access is not a good answer. The method of Federated access is not the most suitable for providing seamless access to the travel portal for authenticated users. Federated access, while commonly used for single sign-on (SSO), can be more complex to set up and troubleshoot, often involving identity providers (IdP) and service providers (SP) to establish and maintain the federation trust relationship. This complexity can lead to configuration issues, endpoint problems, and other challenges that may not provide the seamless experience desired for employee access to the travel services. Therefore, in the context of the question, single sign-on (SSO) access is a more appropriate and straightforward method to ensure seamless access for authenticated users.
D includes A,B,C
Answer: B D. Federated access is a broader concept referring to the agreement and arrangement between multiple enterprises that lets subscribers use the same identification data to obtain access to the networks of all enterprises in the group. A. Single sign-on (SSO) is also a broader concept, referring to the ability for users to log in once and access multiple applications or services without logging in again. B. Security Assertion Markup Language (SAML) is a specific protocol, a ‘method’ used to achieve both federated access and SSO. So, while both A (SSO) and D (Federated access) describe overarching concepts or methodologies, B (SAML) is a specific technical protocol, and a ‘method’ used to implement those concepts.
SAML uses XML-based messages to exchange information between the identity provider and the service provider, such as the user's identity, attributes, and entitlements. SAML access can provide a seamless user experience and a high level of security for the travel portal. A, D is too general term, C only share authorization
Here is what I found: Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties, specifically between an identity provider and a service provider. Its main purpose is to enable Single Sign-On (SSO), where users can log in once and gain access to a variety of different systems without being re-prompted to enter credentials. SAML allows a user's identity and access rights to be verified in one domain (such as the user's home organization) and be able to use services in another domain (such as a cloud application) without needing to authenticate again. In short, SAML simplifies and standardizes the identity verification process across different systems and platforms, significantly improving user convenience and enhancing the security of handling user identities.
I think they're going for Federated Access. The reason is it says seamless if already authenticated. Single Sign-On just means you can use the same information for different sites/domains, it doesn't make things "seamless".