Pivotal Single Sign-On

Note: Pivotal has renamed Single Sign‑On for Pivotal Cloud Foundry to Pivotal Single Sign‑On.

Note: Pivotal has renamed Pivotal Cloud Foundry to Pivotal Platform.

This topic provides an overview of Pivotal Single Sign‑On.

Pivotal Single Sign‑On is an all-in-one solution for securing access to apps and APIs on Pivotal Platform. Pivotal Single Sign‑On provides support for native authentication, federated single sign-on, and authorization. Operators can configure native authentication and federated single sign-on, for example SAML, to verify the identities of application users. After authentication, Pivotal Single Sign‑On uses OAuth 2.0 to secure resources or APIs.

About Pivotal Single Sign‑On

Pivotal Single Sign‑On enables users to log in through a single sign-on service and access other apps that are hosted or protected by the service. This improves security and productivity by removing the need for users to log in to individual apps.

Developers are responsible for selecting the authentication method for application users. They can select native authentication provided by the User Account and Authentication (UAA) or external identity providers. UAA is an open source identity server project under the Cloud Foundry (CF) foundation that provides identity based security for apps and APIs.

Pivotal Single Sign‑On supports service provider-initiated authentication flow and single logout. It does not support identity provider-initiated authentication flow. All Pivotal Single Sign‑On communication takes place over SSL.

OAuth 2.0 Authorization

After authentication, Pivotal Single Sign‑On uses OAuth 2.0 for authorization. OAuth 2.0 is an authorization framework that delegates access to apps to access resources on behalf of a resource owner.

Developers define resources required by an application bound to a Pivotal Single Sign‑On service instance and administrators grant resource permissions. See the Configure Applications topic for more details.

Product Snapshot

The following table provides version and version-support information about Pivotal Single Sign‑On:

Element Details
Version 1.10.0
Release date September 5, 2019
Compatible Ops Manager version(s) 2.7, 2.6, and 2.5
Compatible version(s) 2.7, 2.6, and 2.5
IaaS support AWS, GCP, OpenStack, Azure, and vSphere

Integration Guides

Use these guides to help you plan and implement your integration with Pivotal Single Sign‑On.