Federated SAML SSO

Federated SAML SSO enables Encompass and Encompass Connect users to log in to the ICE MT Lending Platform with the same username and password provided by your company's identity provider (IdP).

Supported Flows

ICE MT identity federation services support a Service Provider (SP) initiated authentication flow with SAML 2.0.

The following represents the single sign-on flow when an application triggers SSO.

  1. A client (browser) requests a resource from the SP (ICE Mortgage Technology).
  2. The SP redirects the browser to the IdP for authentication.
  3. The IdP authenticates the user.
  4. The IdP sends an auto-post form containing the SAML assertion to the browser.
  5. The assertion is sent to the SP.
  6. The SP provides an access token via the authorization code flow.

Setting Up the Connection

Setting up a SAML SSO connection between your IdP and ICE MT Encompass products is a two-step process:

  1. Configure your IdP application with ICE Mortgage Technology settings and collect the XML metadata file from the configuration. The configuration settings required by ICE Mortgage Technology are provided in the SSO Setup guide for each supported IdP: Okta, Salesforce, and Microsoft Azure.
  2. Set up SAML SSO in Encompass Developer Connect. In this step you upload your IdP configuration to Developer Connect.

Before You Begin

Before setting up the connection, ensure you have the following prerequisites:

  • Administrative login credentials for the IdP
  • Understanding of your IdP administration settings
  • Understanding of the general concept of SP-initiated SAML federation

Configure Your IdP for SAML Authentication

Configure your IdP application with ICE Mortgage Technology settings and collect the metadata file from the configuration.

For instructions on setting up SSO for Encompass and Encompass Connect products, please see the following guides.