What is Single Sign On?
Single Sign On is a loose term applied to systems that enable users to login (authenticate in the technical terms) using a single username and password across a number of systems. Single sign-on protocols such as SAML can also enable authorisation facts and rules to be managed centrally, enabling access to systems to be set or more importantly revoked across a number of systems.
Carbon Six Digital have considerable experience of integrating SAML Single Sign On systems, such as Ping Identity, Okta and LastPass, into Umbraco. Find out more about our SAML SSO Integration Package.CONTACT US
How does Single Sign On work in Umbraco?
When an Umbraco website has been setup to support Single Sign On (SSO), the experience for site visitors is very simple. Typically when they try to access protected content, they will be redirected to the system responsible for proving their identity. When using SAML SSO in Umbraco this system is known as the Identity Provider.
Site visitors will usually be very familiar with their Identity Provider, because they use it to access many systems. They will be challenged to enter credentials - how that happens depends on the system, normally this is via Username and Password, but may also include other information like a one-time password sent to your mobile phone.
Once they have proven their identity they will be redirected back to the Umbraco website, which can be deep linked to the protected content they originally attempted to access.
Why is Single Sign On Important?
Single Sign On improves the security of your Umbraco Website. Users no longer have to remember security credentials for their Umbraco website, they simply use their corporate login credentials. These corporate credentials will likely be much stronger, and updated more frequently (which isn't a standard feature in Umbraco).
Sophisticated SaaS Identity Solutions such as Okta can also incorporate Multi-Factor Authentication, ensuring Users provide multiple ways to prove their identity, such as One Time Passwords sent to Mobile Phones, and geolocation. According to Symantec 80% of data breaches can be avoided by using Multi-Factor Authentication.
Adding Single Sign On to Umbraco substantially improves users' perception of the site, and reduces the risk of accidental and intentional data breaches.