The WSO2 Identity Cloud uses the identities of the users in your local LDAP user store to provide single sign-on (SSO) access to a multitude of Software-as-a-Service (SaaS) applications. Representations of these applications can be added to the WSO2 Identity Cloud and are displayed in an application catalogue.
Figure: Adding applications and configuring them for SSO with an on-premise user store
Let's look at the basic business use cases of the WSO2 Identity Cloud and illustrate them using samples.
Introducing the samples
The WSO2 Identity Cloud comes with sample data for you to try out features like SSO. The sample data consists of two parts: a sample user store and a few sample applications.
Sample user store
The main feature of the Identity Cloud is providing single sign-on (SSO) for the applications in an organization, so that the users of the organization can use all the applications without signing in to each and every application. WSO2 Identity Cloud provides you with a sample user store to try out single sign-on. Once you are done with the samples, you can connect the user store of your organization to the WSO2 Identity Cloud.
Sample applications
The sample applications demonstrate how single sign-on works for your applications. These applications are similar to any third-party applications whose session management is separate from and independent of the WSO2 Identity Cloud. We have used WSO2 Identity Cloud to illustrate single sign-on with these sample applications.
Note: The sample applications use the SAML 2.0 protocol. Applications that use OpenID Connect and WS-Federation can also be configured.
Accessing Identity Cloud and deploying the samples
The sample data is not deployed by default. Once you create an organization and log in to the admin portal using your cloud credentials, the sample data can be deployed.
- If you have not registered for the WSO2 Identity Cloud yet, go to https://cloud.wso2.com/ and sign up.
- When you log in to the WSO2 Identity Cloud for the first time, you will see the following screen. Click Start with sample data to configure a sample user store and sample applications. It takes a few seconds to deploy the sample user store and sample applications.
Tip: Clicking the Start with sample data link ensures that you have a sample user store configured for the WSO2 Identity Cloud. It also ensures that two sample applications are added to the catalogue of applications associated with your account.
- In the page that appears, you can see a notification that states that you are using a sample user store now. You can also see a list of sample users. Click the icon next to the password to see the password for a user. Make a note of the credentials of the user. Click Try out Sample Applications.
Accessing the sample applications using SSO
The next step is to access the sample applications in the WSO2 Identity Cloud using single sign-on.
- Once you click the Try out Sample Applications button, a new window opens and you can see the catalogue of applications for your account.
- Right-click on an application and open it in a new private window or copy the link into a different browser. Click the LOGIN button.
- You are prompted to log in to the WSO2 Cloud. Use the credentials that were generated for the sample user store and click Sign In.
- You are now logged into this application.
- Now open the other application in the same browser in which you opened the first application. You are automatically logged into this application without having to enter any credentials.
You have now configured single sign-on using two sample applications and a sample user store.