This article will go over the alternative form of sign-in outside of email login for the PostBeyond platform: SSO
Specifically, we will go over:
- What is SSO?
- What are the Types of SSO Currently Enabled by PostBeyond?
What is SSO?
Single Sign-On allows users to authenticate themselves through a 3rd party Identity provider (IDP). Why is SSO a preferred method of logging in by some organizations?
- Increased security for organizations - authorized user lists are easier to manage from a centralized location
- Increased end user security - end users are not required to create and maintain additional passwords
What are the Types of SSO Currently Enabled by PostBeyond?
SAML SSO is the process of authenticating a user for a service provider (such as PostBeyond) via a third party decided upon by the customer. Users authenticate themselves via an identity provider service (IDP) chosen by the customer who then confirms to PostBeyond that the person attempting to log into that account is in fact who they say they are.
There are Different Types of SAML SSO for PostBeyond
- Setting up SAML SSO (all IdPs but OKTA)
- OKTA PostBeyond Application Integration
- Custom OKTA Application (SAML SSO with OKTA IdP)
IMPORTANT: If you are planning on setting up OKTA applications, please see the Difference between the PostBeyond and Custom application first.
To learn more about SAML SSO and set-up, please see Single Sign-on (SSO) Through SAML
Google SSO (or O-Auth SSO)
O-Auth SSO works the same way as SAML SSO except there is pre-existing trust between the service provider and the IDP. In the case of Google SSO, PostBeyond already has trust built with Google. All we need from the customer is any trusted domains that they authorize to be used for authentication. We then associate those domains with a particular instance.
To learn more about Google SSO and set-up, please see Single Sign-on (SSO) Through Google.