{"id":1731,"date":"2025-02-04T09:57:02","date_gmt":"2025-02-04T04:27:02","guid":{"rendered":"https:\/\/www.enhisecure.com\/isecureblog\/?p=1731"},"modified":"2025-02-04T09:57:02","modified_gmt":"2025-02-04T04:27:02","slug":"pass-through-authentication-via-active-directory-in-sailpoint-identityiq","status":"publish","type":"post","link":"https:\/\/www.enhisecure.com\/isecureblog\/2025\/02\/04\/pass-through-authentication-via-active-directory-in-sailpoint-identityiq\/","title":{"rendered":"Pass Through Authentication via Active Directory in SailPoint IdentityIQ"},"content":{"rendered":"\n<h2 class=\"wp-block-heading has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-48a293fed2e8f235dfee9e32c172c5d9\">Pass Through Authentication (PTA)<\/h2>\n\n\n\n<p>In today&#8217;s digital age, secure authentication is crucial for all kinds of organizations. Pass Through Authentication enables users to access resources seamlessly without the need for maintaining credentials in on-prem infrastructure. The user credentials are validated against the organization&#8217;s directory service such as Active Directory without the need to store credentials. PTA is used commonly in hybrid environments where organizations want control over authentication while integrating with cloud services. The diagram below depicts the process of Pass Through Authentication via Active Directory in <a href=\"https:\/\/www.sailpoint.com\/\">SailPoint<\/a> <a href=\"https:\/\/www.sailpoint.com\/products\/identity-security-software\/identity-iq\">IdentityIQ<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"956\" height=\"218\" src=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2025\/01\/AD-PTA.png\" alt=\"\" class=\"wp-image-1732\" srcset=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2025\/01\/AD-PTA.png 956w, https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2025\/01\/AD-PTA-300x68.png 300w\" sizes=\"auto, (max-width: 956px) 100vw, 956px\" \/><\/figure>\n\n\n\n<p class=\"has-small-font-size\"><em>Image: Pass Through Authentication via Active Directory<\/em><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>A user requests to log in to an application, in our case, <a href=\"https:\/\/www.sailpoint.com\/\">SailPoint<\/a>.<\/li>\n\n\n\n<li>The application (<a href=\"https:\/\/www.sailpoint.com\/\">SailPoint<\/a>) secures the credentials by encrypting them.<\/li>\n\n\n\n<li>The login configuration is checked and found out to be Pass Through Authentication.<\/li>\n\n\n\n<li>The credentials are validated against Active Directory.<\/li>\n\n\n\n<li>After successful validation, the user is logged in.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-de1c27ea7585be481e170c8efbc673fc\">Advantages<\/h2>\n\n\n\n<p>\u2981 Pass Through Authentication ensures the credentials are not stored, reducing the risk of exposure.<br \/>\u2981 Simplifies user management by validating with a directory system like Active Directory.<br \/>\u2981 Provides real-time authentication, ensuring accurate and up-to-date access control.<br \/>\u2981 Offers seamless experience as users can log in to on-prem and cloud-based applications using the same credentials.<\/p>\n\n\n\n<p>Let&#8217;s have a close look into Pass Through Authentication in below video.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"ENH iSecure: SailPoint IIQ - Pass Through Authentication via Active Directory in IIQ - Presentation\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/4b9oVT8DenI?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p>In this video, a detailed demonstration on Pass Through Authentication via Active Directory and usecases like AD Birthright Provisioning are discussed.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"ENH iSecure: SailPoint Identity IQ - Pass Through Authentication via Active Directory in IIQ - Demo\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/0GcjMJj26Ek?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Pass Through Authentication (PTA) In today&#8217;s digital age, secure authentication is crucial for all kinds of organizations. Pass Through Authentication enables users to access resources seamlessly without the need for maintaining credentials in on-prem infrastructure. The user credentials are validated against the organization&#8217;s directory service such as Active Directory without the need to store credentials. [&hellip;]<\/p>\n","protected":false},"author":45,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14],"tags":[40,127,10,29,96,11],"class_list":["post-1731","post","type-post","status-publish","format-standard","hentry","category-sailpoint","tag-active-directory","tag-iam","tag-identity-iq","tag-iiq","tag-pass-through-authentication","tag-sailpoint"],"_links":{"self":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts\/1731","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/users\/45"}],"replies":[{"embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/comments?post=1731"}],"version-history":[{"count":11,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts\/1731\/revisions"}],"predecessor-version":[{"id":1743,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts\/1731\/revisions\/1743"}],"wp:attachment":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/media?parent=1731"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/categories?post=1731"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/tags?post=1731"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}