Single Sign-On (SSO for short) is a super-convenient feature available for enterprise-level Sympli teams. Today we'll run through a quick discussion on SSO as we explore why it's a faster, more secure way of onboarding team members and/or stakeholders into Sympli Projects using an Identity Provider like LastPass.

What is SSO?

Single Sign-On (SSO) is a software feature that allows users to access multiple services while only authenticating themselves once. A terrific example of this could be Disqus, the service that offers commenting functionality to websites. If you logged into Disqus via a website (to make a comment), not only would you then be authorized to make comments on other websites that use Disqus, but you'd also be able to log into disqus.com and manage the comments on your own disqus-featured websites. You wouldn't have to log in, or sign up twice.

Google offers an even more impressive implementation, where logging into one Google service also logs you into various others (such as YouTube, Google Docs, Google Sheets, Gmail, Google+, Google Maps, and so on). In short, SSO eliminates that repetitive need to confirm your identity time and time again.

SSO with SAML 2.0

With SAML 2.0 functionality, we can use SSO via an Identity Provider; this is when a reputable source already has your identity confirmed in a super-secure and reliable way. Think: "Login with Facebook", but much more secure. Examples of Identity Providers include LastPass, OneLogin and Okta. Not only do these services store your sensitive data securely, but they can recall that data to log you into other services that we call Service Providers (which in this case, is Sympli).

SSO in Teams

With SAML-based SSO Identity Providers, we can automate the workflow of onboarding new team members into the apps used by our teams, as long as those apps use SSO (like we do!). Here's how that would work at Sympli:

  • Your team is awarded a custom domain, for example microsoft.sympli.io
  • Each user in the team is then signed up to an Identity Provider of your choosing, for example LastPass, Okta or OneLogin
  • If the user has never logged into the Identity Provider before, they will be redirected to said Identity Provider to sign in (they will only need to do this once, hence the term "Single Sign-On")
  • After that, the user is redirected back to Sympli

Why is this better? Because each team member wouldn't need to create a Sympli account when onboarded into the company, nor any other app that's been approved by the company and authorized using the Identity Provider.

Also, team members can have their accounts revoked in a centralized manner, in the event that said team member no longer works at the company. So along with additional security, since anybody not authorized with the Identity Provider wouldn't be allowed access to the Sympli Projects, there's also the convenience of being able to manage every team member in the company from one location.

———

SSO and custom domains are available to Sympli customers using our new Enterprise plan. Enterprise teams also get priority customer support and a dedicated account representative. Email us if you have any questions!

Did this answer your question?