Single sign-on (SSO) solutions need to provide a mechanism for basic authentication according to the documentation in the “Requirements for single sign-on requests in the TRIRIGA Application Platform” for the TRIRIGA CAD Integrator, BIM, and Reserve Outlook Add-in. SAML does not support this for non-browser-based applications.
SAML is a technology that was designed for browsers, not integration applications such as CAD Integrator, BIM, Reserve Outlook Add-in, or other integration technologies. IBM TRIRIGA does not support Security Assertion Markup Language (SAML) or credential-less login mechanisms such as SmartCard or Common Access Card (CAC) as a method of authentication for its non-browser clients such as CAD Integrator, BIM, and the Reserve Outlook add-in. SAML and SmartCard/CAC do not support basic authentication for non-browser-based clients.
The best practice, if using SAML or SmartCard/CAC, is to authenticate directly to TRIRIGA on a separate process server or integration server as opposed to the SSO-enabled application server. These users will need to know their TRIRIGA user name and password to sign in with this solution. An alternative best practice would be to set up a separate non-SAML SSO solution for non-browser client users, which can support basic or NTLM authentication. Similarly, SmartCard/CAC users would need to know their SmartCard/CAC user name and password to sign in with this solution.