Many organizations possess numerous applications to cater to their business needs and enable the workforce to access them with unique credentials. As the number of application numbers scaled up, users of the application found it cumbersome to remember the password. To comply with the security norms of the organization, they are also not encouraged to note it down in notebooks. On the other hand, administrators of the applications find it extremely difficult to add new users whenever required into multiple applications.
What is SSO and how does it work?
The need to simplify access for users through the one-stop solution, perhaps through a single click without compromising security policies has become an ultimate demand of the infrastructure teams within the organization. In addition, the proliferation of passwords eventually raised concerns causing a threat to compliance with security norms authored by both, governments, and organization standards.
A Single Sign On (SSO) authentication scheme was introduced to overcome these issues, and the standards were widely accepted by all the technical gurus. SSO allows users to log in once to an application and enables access to all related systems without the need to log in separately.
Thus, system administrators have minimal work with configuring access to the systems. Subsequently, the events of forgotten, not working, or expired credentials are less probable to happen and easier to manage.
As we can see, SSO can improve multiple processes in the organization.
Document360 current scope on Single Sign-on
The Enterprise SSO (Single Sign-On) feature supported by Document360 enhances the authentication user experience, meanwhile providing an additional level of security. The user does not need to worry about remembering the individual credentials for each application or project. A user who are enabled to logging into an application or website with the SSO feature would be able to log on to other applications listed by the Service provider. User can login any time for the applications without having the key in their login credential. Document360 supports SAML SSO, Open ID, and JWT authentication formats allowing customers to easily bring in their users – team accounts and readers, into the Document360 application. For more details about configuring Enterprise SSO in Document360, read the documentation.
In addition, there are many SSO Identity Providers in the market such as Okta, Microsoft Azure AD, etc which facilitate the infrastructure teams to set up. They can integrate all end-user web and mobile apps via their own IdP (Identity Providers). They support a wide range of personalization, setup, and installation actions while getting started following the security protocols as per the established standards. These providers will be listed with options of applications used within the organization, so whenever a new user is added to the IdP, they can be assigned to those required/ requested applications based on their roles.
Schedule a demo with one of our experts to take a deeper dive into Document360Book A Demo
What is the pressing problem with SSO?
Document360 supports SSO activation for the team accounts which act as authorized persons to add required team accounts, readers who can access and read the contents of the knowledgebase site. However, the knowledgebase site is largely used by the end-users of the customer, who are the readers accessing it for different purposes such as referring to manuals, technical documents, troubleshooting guides, installation procedures, product descriptions, customer service-related resources about the product, and so on. etc. Configuring readers manually consumes additional efforts for the users in terms of ensuring reader activation and an optional validation in assigning the contents they would be viewing at the knowledgebase site.
What have we achieved?
We have now provided an enhanced SSO support system that will help our customers easily include the readers into the Document360 once they are part of the IdP configured. When the Customers’ infrastructure team provides application access at their IdP and followed by configuration of Enterprise SSO within Document360 then readers can now be able to view the knowledgebase site content that is assigned to them. In the previous flow, there is an option for the user to send an email invitation to the readers, and the same approach is handled in our new solution. With “send invitation mail” initiated or not, still readers will be able to access the knowledgebase site. Having said that, still, the user can manually create a reader from Document360 and assign the relevant content role.
With the new implementation, the users are suggested to enable the “Auto Register SSO for Readers” setting in their already configured SSO feature. While doing so, users are requested to configure the default Reader group(s) who are accessing the knowledgebase site. In the background, the application validates the reader against the entries lying within the IdP and adds the new reader in Document360. This also ensures no duplicates are added further to the system.
Make use of the auto register option to avoid the SSO readers additional step in Document360. When this option is enabled, SSO readers who have logged into identity providers can quickly access the Knowledge base with the identity provider credentials. You can enable/disable this option as per your requirement.
End-users delight in the uninterrupted login experience, and seamless access to Document360 which ensures productivity. This feature helps you onboard the readers quickly, improve usability, and save time.
An intuitive knowledge base software to easily add your content and integrate it with any application. Give Document360 a try!GET STARTED