Is Single Sign-On (SSO) technology really the missing link in boosting your processes
- Parth Patel
I am sure quite a few of you can relate to this issue... While working on multiple domain legacy applications in the organization, in most cases, you are required to provide credentials while switching applications.
Help is on the way with Single sign-on (SSO) technology offering you an easy fix to a time-consuming activity.
Single sign-on (SSO) allows you to access the control of multiple related, yet independent, software systems. With this property a user logs in with a single ID and password to gain access to any of several related systems. It is often accomplished by using the Lightweight Directory Access Protocol (LDAP) and stored LDAP databases on (directory) servers.
The increase in the number of users who believe in SSO has come a long way thanks to the wide-spread use of cloud technology, the frustration in keeping track of multiple login credentials and not to mention the increasing danger of account information being compromised.
It is an indisputable fact that, Single sign on (SSO) makes logging in to a platform, application or website quicker and easier, however you should understand both the advantages as well as disadvantages and cost factors before you take the call to implement it in your organisation.
Advantages:
Ease of multi-factor authentication requirements:
With a larger number of employees availing of options such as bring-your-own-device (BYOD) as well as ‘work from anywhere’, it becomes easier for IT departments to manage authentication of devices and multi factor authentication that is needed for sensitive data.
Boost to productive times
the amount of time needed to remember a long list of passwords is eliminated with this process. Thus team members can get online faster and benefits from longer productive times soon add up positively.
Ease of off-boarding
With a streamlined system of handling user accounts, it is easier for the IT department to complete offboarding activities and ensuring the integrity of the system.
Improved user experience
Consumers are no longer encumbered with the need to remember login details to access their account and services. With a speedy and simple login process, the consumer journey is more accomodating thereby leading to a higher conversion of visitors to customers.
Reduction in help desk workload
There will be a drastic reduction in users calling in for password reset requests. this will help reduce the help desk workload to a great extent, thereby freeing them to handle other critical problems.
Challenges
Password security
Primary among the challenges that face implementation of SSO is the problem of ensuring password security. It is important for users to choose strong passwords. However, most of them tend to overlook this critical aspect which could lead to accounts being hacked.
One way to deal with this problem is to have 2 factor authentication. This will allow some measure of control over the account if the password is compromised.
Outages
In case there is a problem with the provider, all users will be locked out. They will be unable to access their account till the issue is resolved.
Multi- user machines
In the case of multi- user machines, working with SSO might not be a good option as other users cannot login when someone else is logged in.
All things considered, implementation of SSO can offer a wide range of benefits for organizations that work in these parameters. Analyzing all the pros and cons is the first step in taking a decision that could help improve performance.
It is an indisputable fact that, Single sign on (SSO) makes logging in to a platform, application or website quicker and easier, however you should understand both the advantages as well as disadvantages and cost factors before you take the call to implement it in your organisation.
- Danny Yehya
- Salesforce Certified Architect
- Six Consulting, Inc.
Integration with your system
Now that you have looked at the pros and cons of implementing SSO, let's see how to incorporate it in your system.
Let's start with the example of SSO between Salesforce and Azure Active Directory legacy system.
Prerequisites
Azure AD integration with Salesforce
An Azure AD subscription
Salesforce single sign-on enabled subscription
Solution – To configure SSO
Perform all below steps int read more
Now that you have looked at the pros and cons of implementing SSO, let's see how to incorporate it in your system.
Let's start with the example of SSO between Salesforce and Azure Active Directory legacy system.
Prerequisites
Azure AD integration with Salesforce
An Azure AD subscription
Salesforce single sign-on enabled subscription
Solution – To configure SSO
Perform all below steps into your Azure AD
To start, Login into your Azure (https://portal.azure.com) . Click on All Service and type Azure Active Directory in search box.
- Select the Active directory and click on Enterprise Application.
- Click on Create New Application Button and Search for Salesforce.
- Click on Salesforce, give the application Name and click on Add button.
- Once application is created, it will be displayed in the list of enterprise applications. Click on the application name.
- From Application, choose Single Sign On and then SAML based sign-on.
- Copy your Salesforce org URL and paste in into Identifier, Reply URL and Sign on URL section. Click on Save.
(e.g. https://<subdomain>.my.salesforce.com, https://<subdomain>-dev-ed.my.salesforce.com)
- Clicking on Save, you will be redirected to below screen. Download federation Metadata XML from SAML Signing Certificate section to your file system as shown below.
Perform all below steps into your salesforce Org
- Log into your Salesforce Org and type Single Sign-On Setting in quick find box.
- Enable Single Sign-On and click on Save.
- Once Single Sign-On option is enabled, you will be redirected to below screen. Click on New from Metadata file button in SAML Single Sign-On setting section.
- Upload the downloaded certificate in step # 8 from your file system here and click on
- Clicking on Create, will redirect you to SAML Single Sign-On Settings page and fields will be populated automatically from the uploaded metadata file in step #12. Leave it as is and click on Save.
- Now, type My Domain in quick find box.
- Click on Edit button in Authentication Configuration Check value of Azure AD checkbox and click on Save.
Perform all below steps into your Azure AD
- In the Azure portal, go to previously created Salesforce application by navigating to Enterprise Applications 🡪All applications 🡪 Salesforce.
- Select Users and groups from left menu.
- Click the Add user button, then select Users in the Add Assignment
- In the Users dialog box search User in the Users list for whom we are configuring SSO, then click the Select button at the bottom of the screen.
- (Optional) If you need to provide any role value in the SAML assertion, then in the Select Role dialog; select the appropriate role for the user from the list and click Select button at the bottom of the screen.
- Once you are done with adding Users and Role, Click on assign button.
Conclusion: Now, added users in step #19 will be able to log in to Salesforce using their Azure AD credentials.
Niki We typically reply in a few minutes
Are you interested in learning more about how Salesforce and Mulesoft can benefit your business? Let’s get connected!