Surpass would act as the online service provider here, it would then contact a separate identity provider (consumers ADFS 2.0 setup) to authenticate the user and once the Identity Provider has verified this account the user would be redirected back to Surpass logged into the application. If the user has never accessed the Surpass application before the system would create a user with basic access and populate the necessary user fields in Surpass with the information stored in Active Directory that was sent within the SAML request.
This means that Surpass can offer a SAML-based Single Sign-on (SSO) solution that provides consumers control over the authorization and authentication of hosted user accounts that can access web based applications like the Surpass application. The purpose of the Surpass SSO articles is to help provide you with the necessary information to set up your Identity Provider to be able to successfully authenticate/integrate with Surpass. Please ensure that you have followed the instructions from the below articles before trying to access Surpass using the SSO functionality: