miniOrange Single Sign-On (SSO) product provides easy and seamless access to all enterprise resources with one set of credentials for any devices or applications
add-app.gif

What is Single Sign-On (SSO)?

Single Sign-On (SSO) is an authentication process during which a user is provided access to multiple applications and/or websites by employing a single set of login credentials (such as username and password). With SSO end users time and efforts get minimized as they don't need to repetatively sign in and out separately into the various applications. Single Sign-On (SSO) helps in users and organizations with the challenge of maintaining the different credentials for different application separately which streamlines the process of signing-on without the need to re-enter the password. SSO is one of the pivotal aspect for many of the Identity and Access management (IAM) and cloud security control solutions. Single Sign-On (SSO) implemented perfectly helps in improving productivity, management, and security control reducing the risk of lost, weak or forgotten passwords.

SSO Components

The user credentials and other identifying information are stored and managed by a centralized system called Identity Provider (IdP). The Identity Provider is a trusted system that provides access to other websites and applications.  In IdP Initiated SSO (Single Sign-On), login request is initiated from Identity Provider (e.g Okta, OneLogin, or Microsoft Azure AD, miniOrange IDP). Enduser first authenticates through Idp login Credentials. Once authenticated successfully, the end-user will be redirected to the targeted application account via enduser dashboard.

IDP Initiated SSO

A service provider provides services to the end-user. Service providers rely on identity providers to assert the identity of a user, and typically certain attributes about the user that are managed by the identity provider.  In SP Initiated SSO (Single Sign-On), login request is initiated from the application end. An user tries to access their account by signing in using application, which will redirect to their IdP login page. Once user successfully login into their IdP they will be directly logged-in into their application.

SP Initiated SSO

How SSO Works?

SSO is an IAM authentication service that allows apps (even third-party) to confirm a user’s identity. Identity standards like SAML, OAuth and OpenID Connect allows encrypted tokens to be transmitted securely between the server and the apps to indicate that a user has already been authenticated and has rights to access the apps.

SSO_MO.JPG
  • Firstly the user tries to get access to their desired application/website (for eg: Google Workspace, Office 365, Dropbox, etc). These applications/website is from the Service Provider.

  • The application/website (Service Provider) redirects the SSO request to Identity Provider for authentication.

  • The user tries to sign in with his Identity Provider credentials.

  • Once IDP authentication gets success, Identity Provider (IDP) sends back the Single Sign-On response to the Service Provider.

  • Getting On the SSO Response, the user is granted the access to log in and access the resource or application.

  • Here on the user can access all the other applications/websites from the Service Provider which are pre-configured for SSO-Single Sign-On.

Features

SSO INTEGRATIONS

Integrate SSO using SSO connectors in many different platforms like Java, .Net, PHP, Node.js, Ruby, etc.Useful for applications which do not have in-built support for any SSO protocol.

Multiple IDP's Supported

This feature enables you to manage user accounts automatically within applications. This saves time and ensures that your user's access rights are up to date.

Third-Party Application Integration

We have integration with different products of Oracle/SAP/Cisco for Single Sign-On and multi-factor authentication.

AUTHENTICATE WITH

EXTERNAL IDPs

Use your existing Identity Providers (IDPs) to authenticate into your applications. No need to onboard your users and provide them uninterrupted access using miniOrange.

USER MANAGEMENT

Providing a centralized location where IT can automatically manage identities, admin credentials, and secure users access, and where users can simply and securely access their apps.

DIRECTORY INTEGRATION

Easily Integrate your existing LDAP/Active Directory in miniOrange to provide users login using their existing credentials and secure access to applications.

ATTRIBUTE MAPPING

It is used to mapped attribute types that exist in miniOrange SSO with like Active Directory.

USER PROVISIONING

Updates user information in your integrated directory when you manage user information like CREATE, DELETE or UPDATE user accounts in your miniOrange service.

MULTI-FACTOR AUTHENTICATION

Add one more security level to your application.It ensures the right set of eyes have access to your sensitive information sitting on the cloud or on-premise.