Related links
Homepage
User documentation
Uživatelská dokumentaceFramework Core functionality
- Client-defined object attributes
- Common Libraries
- Default server methods
- Export collection of objects
- AyMINE Framework Server
- The AyMINE licence model
- System Rights
- Import collection of objects
- Multi tenant Architecture
- Strings and translations
- Event-based architecture
- System messaging
- User sessions
- User defined fields
Libraries & Lincences
Module - support for management
Front-End Scripting
System Management
Task Management Module
Task & Task pattern
Mobile & Web Application
- clientprogramming_fevaldataobject
- userinterface-objectstructure
- cliplink
- npmlibraries
- fclip
- drag-drop
- AyMINE Application
- objectdefinition_inlineedit
- npmlibraries_stringlibrary
- clientprogramming
- mobileapplication
- languagesupport
- objectdefinition_multiupdate
- clientprogramming_fevalglobal
- clientprogramming_fevallanguage
- clientprogramming_fevaluser
- objectdefinition_viewdefinition
- offlineobjects
- System console
- Runtime debugging
- objectdefinition_detailview
CMS - Content Management & Web API services
FI - Finance Management
Sales & Asset management
Sales related services
Description of a part of the AM module - sales partHR - Human Resources
Single Sign-on authentication
Single sing-on supports access to the application verified by authentication from external source
AyMINE internally supports SSO with the external identity provider. Actually it support external identity from Microsoft. AyMINE Busienss is the registered MS Azure application.
SSO integration
Communication with external Single-Sign portal describes the activity diagram bellow:
Methods requires authentication verification from external SSO application. Server configuration is always client-specific and should by set up by system administrators including definition of the client-specific page for SSO redirect.
Standard login dialog cannot be used to login to the SSO account.
SSO method Limitations
SSO is not usable with the mobile application. Using the application could be total disabled for client's users or users should define password usable only for application.
Mobile application security
When user has Single-sign and mobile application activated together, application should be activated using the sign-up scheme:
- Start AyMINE at computer (browser) using the SSO authentication
- Request create password for mobile application
- Install & start mobile application
- Login to the mobile application with password
- Confirm application in the AyMINE at browser
- Logout and login again the to mobile application
Even when user has defined password for application:
- Password could be used to login using the default login dialog
- No other device could use the password. Each device should be individually confirmed in the browser before it could access the account
Activity diagram for application registration with single-sign on authentication mode.
