Unmanaged Device Access Control on SaaS Security API

Use the next generation firewall to control unmanaged device access by configuring SaaS Security API as a SAML proxy.
You can control unmanaged and employee-owned device access to your sanctioned SaaS applications by configuring SaaS Security API as your SAML proxy. Unmanaged device access control uses SAML (Security Assertion Markup Language) redirection by proxy to:
  • Redirect your SaaS app traffic through your next generation firewall.
  • Decrease vulnerability to data exfiltration and malware propagation.
When an employee needs to access a SaaS app on an unmanaged computer or mobile device, the authorization request is sent through the SaaS Security API SAML proxy and authenticated by your Identity Provider. After authenticating, the user is redirected through the firewall, allowing visibility into access and control of corporate resources on your SaaS app.
There are several options available for an identity provider (IdP) and service provider (SP). SaaS Security API tested the following IdP and SP combinations. When the table doesn’t indicate support for a configuration one way or another, the configuration might work, but SaaS Security API has not yet tested that specific configuration. If you have an interest in a specific configuration, contact your SaaS Security Sales representative.
SaaS App
IdP
Support Exceptions
Okta
ADFS (SamIP)
ADFS(WsFed)
Azure AD
PING
Shibboleh
Google IDP
Browser
Box
Yes
Docusign
Yes
Dropbox
Yes
Support for special flow only
Evernote
Yes
G Suite
Yes
Yes
Yes
Office 365
Yes
Yes
Yes
No
Yes
See also Skype
Salesforce
Yes
Yes
Yes
Support for basic web flow with Google IDP.
ServiceNow
Yes
Support for special flow only.
Skype
 
Skype for browser is not supported
 
Slack
Yes

Recommended For You