As I understand, user logged in to one application can log into other applications as a SSO, if the User Provider configured for each of these application is same or is configured as "Users" module.

With that as a background, can OutSystems act as an IDP(Identity Provider) itself and authenticate against the Users in OutSystems, for a SAML request/response from a Service Provider?

The Users that I referring to is the "Users" module, and the Service Provider that I am referring to can be any external website.

Use Case : A user who has valid OutSystems credentials, logs into the OutSystems application. On the web page of this application, there is a link to an external website. When user clicks on this link, he should not be asked for a credential again. He should be able to seamlessly log in to the external website using the credential that he already provided to log into OutSystems web application.

Hi Rajeev, 

Unless that external website is also built by you and you make it trust your outsystems application isn't possible. All those seamless authentications are based on trust and external websites will never trust that your outsystems app is a reliable source of authentication.



Thank you for your reply Marcelo. 

The external website is not in OutSystems and is not built by us. Let us assume that we can make the configuration at external website for them to trust OutSystems application, then how does this work?

Can OutSystems behave like an IDP and exchange SAML request/response for Authentication.

Hello Rajeev Jha,

Have you checked out the IdPServer component in the Forge?

It is an implementation of a SAML 2.0 identity provider.

Thank you