To be clear as to meaning it a good idea to define TLA's .

Don't recognize TLA? Three Letter Acronym

(or Four or Six, whatever)

Different industries/organizations often have different meanings and you can get some pretty odd or hard to understand responses when someone that uses a TLA that means something different to them then to you.

Museum of Fine Arts ?

Mortgage Finance Authority?

Master of Fine Arts?

Multi Factor Authentication?

Monkey Fungibles Association?

@ballardw 

MFA: Multi Factor Authentication

This is a requirements for Zero Trust environment, and a mandate for government agencies

Hello @shoin ,

I work on several Zero trust environments. I am aware what you are talking about. 

SAS 9 has limited possibilities vs SAS Viya.

In SAS 9 your best options are either IWA/Kerberos SSO (plarform wide) or, else, for the web, to place a reverse proxy upfront with the MFA of your choice which will then allow access to the SAS web (where the users will need to authenticate one last time).

There is another option, not really supported by SAS Tech Support, and also for the web, which is to implement SAML through Shibboleth. If you are interested about this option, you can see this paper wrote by @MikeRoda : https://support.sas.com/resources/papers/proceedings15/SAS1385-2015.pdf 

SAS Viya has more options, integrated within the design. 

One of the issues we are facing right now, has to do with SAS 9.4 SAS/Connect & SAS/Share modules in SAS Foundation deployment!

These two modules were designed and developed way before the concept of MFA was thought off, therefore it may cause a challenge, to get them properly integrated for MFA .

Just as an FYI

Thank you @JuanS_OCS for your reply ... I have read that article and I will pick it again .. do you have a how to specifically for "o place a reverse proxy upfront with the MFA of your choice which will then allow access to the SAS web (where the users will need to authenticate one last time)." suggestion?