Overview of Single Sign-on (SSO)
Single Sign-on (SSO) is a method that allows users to access multiple applications or services using one set of login credentials, managed by a third-party Identity Provider (IDP). In the context of ScreenSteps, SSO enables organizations to use an external user management system, eliminating the need to maintain separate user accounts within ScreenSteps. This approach centralizes user authentication and provides greater control over access to protected content.
- SSO streamlines user management by connecting ScreenSteps to an external authentication system.
- Users only need to remember one set of credentials for multiple services.
Key Terms
| Term | Definition |
|---|---|
| Identity Provider (IDP) | A third-party service that manages user identities and authentication. |
| Authentication | The process of verifying a user's identity before granting access to protected resources. |
| Protected Content | Content within ScreenSteps that requires users to log in before viewing. |
How Single Sign-on Works in ScreenSteps
With SSO enabled, the authentication process changes from the default ScreenSteps login to a flow managed by your chosen IDP. When a user tries to access protected content, ScreenSteps redirects them to the IDP's login page. After successful authentication, the IDP notifies ScreenSteps, which then grants the user access to the requested content.
For example, an employee accessing internal documentation on ScreenSteps would be redirected to their organization's login portal. Once they log in successfully, they are automatically granted access to the documentation without needing a separate ScreenSteps account.
- SSO replaces the standard ScreenSteps login with your organization's authentication system.
- Access is granted after the IDP confirms the user's identity.
Types of Remote Authentication Supported
ScreenSteps supports two main options for integrating remote authentication:
- SAML (Security Assertion Markup Language): An industry-standard protocol for exchanging authentication data between parties, commonly used by enterprise IDPs.
- ScreenSteps Remote Authentication: A custom method for integrating with services that do not support SAML.
If your IDP supports SAML, it is recommended to use this protocol. Otherwise, ScreenSteps Remote Authentication can be used for other integration needs.
- SAML is widely supported by enterprise authentication systems.
- ScreenSteps Remote Authentication offers flexibility for non-SAML integrations.
Why Single Sign-on Matters
Implementing SSO enhances security, simplifies user management, and improves the user experience by reducing the number of passwords users must remember. Organizations gain centralized control over access to sensitive content, and users benefit from a seamless login process across multiple services.
- SSO reduces administrative overhead for managing user accounts.
- Centralized authentication increases security and compliance.
- Users enjoy a more convenient and efficient login experience.