PAM Federated Sign-In: Benefits and Configuration.
PAM provides a federated sign-in experience that can be deployed during or after installation.
The benefits of the PAM Federated Sign-In:
- a more easily recognizable enterprise web login page supporting single sign-on
- provides integration opportunities with many commonly used multi-factor authorization (MFA) and two-factor authorization (2FA) providers
- allows for the generation and use of Authentication Tokens
- requires the use of a non-self signed SSL Certificate ensuring web client connectivity is secured.
- See this FAQ for Load Balancing for Debian or Ubuntu.
- See this FAQ for Load Balancing for Red Hat or CentOS.
Pre-requisite: Make sure a non-self signed, well known and trusted SSL Certificate is deployed and working in your Windows or Unix host. During installation, you will define the URL that PAM will use for web connectivity and this connection needs to be secured with a trusted web certificate. While we recommend using a trusted SSL certificate in all deployments scenarios, if you have a self-signed certificate, please see this article or configuration options.