Integrated Windows Authentication ("IWA") integrates the SAP® Application Server authentication of users with the Microsoft Active Directory Domain user authentication which takes place when a user first logs on at their Workstation.

With IWA, users only have to remember how to logon to their Windows Workstation, and the credentials issued by the Domain Controller during this logon are used to authenticate them to applications which are IWA enabled. With the CyberSafe TrustBroker™ Security Solutions, SAP® Applications become IWA enabled.

What is Secure Single SignOn / SSSO ?

Secure Single SignOn ("SSSO") describes an experience given to users when they are required to logon to many applications. Instead of them having to enter a user name and password for each application, they are automatically authenticated to the application using a common identity, that is determined when they authenticate themselves for the first time.

When SSSO is combined with IWA the users common identity is determined when they first log onto their Workstation, and the credentials issued during this logon are stored securely on their Workstation so that they can be re-used by SSSO enabled Applications. When using the CyberSafe TrustBroker™ Security Solutions, SAP® Applications are SSSO enabled.

Single SignOn ("SSO") can describe many different ways to implement a single user authentication solution, but does not imply that the logon is secure. e.g. SSO can be implemented, and provided to users, by storing their password and passing this stored password across the network, but SSSO would be implemented using cryptography and credentials so that passwords or user sensitive information is never transmitted, or stored.