Plans supporting single sign on (SSO)
Free | Professional | Business | Enterprise |
---|---|---|---|
What is SSO?
As the term suggests, Single Sign-On or SSO allows for user authentication and access to multiple applications or websites with a single login event. In simple terms, this feature can be referred to as One-time login.
A user logging into any application or website with the SSO feature enabled would be able to log on to other applications listed by the Service provider without the user having to key in their login credential every single time for each of the applications.
Reasons to configure Single Sign-On (SSO) in your project
There are several reasons why SSO is considered an important feature:
Improved security: SSO can help improve security by reducing the number of places where user credentials are stored and making it more difficult for attackers to access sensitive information.
Increased productivity: SSO can help increase productivity by allowing users to access the systems and applications they need quickly and easily without remembering multiple usernames and passwords.
Better user experience: SSO can help improve the user experience by reducing the number of times users are prompted to enter their credentials, which can be frustrating and time-consuming.
Simplified IT management: SSO can help simplify IT management by reducing the number of places where user credentials are stored and making managing access to systems and applications more accessible.
Compliance: Some industries and sectors have regulations and compliance requirements that demand SSO implementation.
Reduced IT costs: SSO can help reduce IT costs by reducing the need for additional hardware, software, and support required to manage multiple authentication systems.
In summary, SSO can improve security, increase productivity, enhance the user experience, simplify IT management, support compliance, and reduce IT costs.
How does SSO work?
Most websites or web applications like Document360, referred to as Service providers, have a dedicated, secure, and centralized database for user information and credentials.
To facilitate the Single Sign-On feature, an external entity, the Identity Provider or IdP, is brought in to ease the user experience in accessing the web application by authenticating the user's credentials and authorizing the access to the 'Service provider'.
Here’s a sequential rundown on how the Single Sign-on (SSO) feature works
The user visits the intended Service provider or application domain sign-in page
Redirection takes place to the Identity Provider (IdP) login page
The user signs in with the correct credentials
The IdP domain matches the user information and sends an Access token or ID token to the Service Provider
The validation of the Access/ID token with user information is thriving on the Service provider’s end
A trust relationship is established between the IdP and the Service provider
As the authentication is successful, the user is now authorized to access SSO-enabled applications within the service provider without the whole process of Signing in for each instance.
Document360 allows you to configure multiple SSO options simultaneously. This means you can set up single sign-on using various identity providers for your team and readers. For example, you might use one IdP for internal employees and another for external customers or partners. This gives your team and readers the flexibility to choose their preferred IdP for accessing both the knowledge base portal and site.
What is an IdP?
Identity Provider (IdP) is an external entity that stores and manages the identity information of users; the IdP also authenticates the users by facilitating the Single Sign-On (SSO) feature. Identity Provider handles users' credentials to log in to web applications, file servers, systems, and other digital services. Any single entity the IdP stores is called a ‘principal.’
Here are some IdP you can configure with Document360
Okta
Entra ID
Google
ADFS
OneLogin
SSO Standards on Document360
Single Sign-On feature is established with two broad standard protocols adopted by Document360.
1. SAML 2.0
Removing a configured SAML SSO
Using Okta as IdP
Using Azure AD as IdP
Using Google as IdP