Single Sign-On (SSO)
- Applies to:
- All MindTouch Versions
What is SSO?
Single Sign-On (SSO) is a process that provides an individual in an organization the capability to sign in once, and be subsequently and automatically authenticated when accessing other systems in the organization. The process can also be extended to those outside the organization, such as customers, to provide them with low friction access to appropriate services and applications.
Typically, SSO is implemented between a centralized identity provider, the source of user identity attribute data, and the single or many applications that required that data to provide secure and personalized experiences.
Is MindTouch an SSO identity provider?
No, a MindTouch site should never be the source of truth regarding employee or customer identity. Using technologies such as OpenID Connect and SAML SSO, MindTouch can establish a trusted integration with identity providers, whose sole purpose is to securely store and authenticate these identities.
Identity provider examples
The need for secure storage and authentication of user identities has created an industry of solutions. Many vendors can integrate SSO between their software as a service (SaaS) platform, other SaaS applications, as well as applications hosted on premise in an organization's data center. Some of these vendors include Okta, Microsoft, and Google.
Who is Responsible for Password Policy Compliance?
With SSO you are in control of the login experience and password management for users on your MindTouch site. You can rely on your company's identity provider to ensure that user accounts adhere to your password framework compliance requirements.