Question

An organization needs to integrate with a third-party cloud application. The organization has 15000 users and does not want to allow the cloud provider to query its LDAP authentication server directly. Which of the following is the BEST way for the organization to integrate with the cloud application?

a. Upload a separate list of users and passwords with a batch import.
b. Distribute hardware tokens to the users for authentication to the cloud
c. Implement SAML with the organization's server acting as the identity provider.
d. Configure a RADIUS federation between the organization and the cloud provider

Answer 1

The BEST way for the organization to integrate with the cloud application is:

c. Implement SAML with the organization's server acting as the identity provider.

Step-by-step explanation:

Implementing SAML (Security Assertion Markup Language) integrations will provide more security to the organization (identity provider) as users' credentials are exposed to fewer parties. SAML authenticates the users to the cloud application provider. SAML enables the organization to pass authorization credentials to the service provider by transferring the users' identities to the service provider.