Single sign-on overview
With IBM® Security Access Manager for Enterprise Single Sign-On, you can enter one user ID and password to access multiple applications.
You can also single sign-on to applications in a Citrix or Terminal Server if AccessAgent is installed on the Citrix or Terminal Server.
How single sign-on works
After you log on to AccessAgent, it automatically captures and auto-fills your application credentials from and to the application clients that you launch. These application credentials are saved in a Wallet.
When you single sign-on into an application, AccessAgent retrieves the application logon credentials from the Wallet. This Wallet is stored securely at the IBM Security Access Manager for Enterprise Single Sign-On IMS Server. AccessAgent downloads the Wallet from the IMS Server. As such, you can access your Wallet even when you use a different computer later.
If the IMS Server is offline or AccessAgent cannot connect to the IMS Server, you can still log on to AccessAgent if you have a cached Wallet. The cached Wallet is in encrypted form on your computer. You have to authenticate with your ISAM ESSO password and sometimes with another authentication factor if two-factor authentication is enabled.
The IMS Server is online if you can click Sign up or Log on in the AccessAgent navigational panel. The IMS Server connection refreshes every 30 minutes, or as determined by your Administrator.
AccessAgent information
If you want to view information about AccessAgent,
- Right-click the AccessAgent icon in the system tray.
- Select About ISAM ESSO AccessAgent.
- Click Export to download the information in a text file.