Fewer Passwords,
More Security

How Single Sign-On
Helps Boost Privacy

s-sso

What is Single Sign-On?

Single Sign-On (SSO) lets users access multiple applications with the same credentials. Users also have the option of logging in once and accessing services without having to re-enter the authentication factors every time. Additional functions such as MFA and adaptive authentication can be added and then used by all services that have SSO functionality.

Modern Single Sign-On is based on «federation protocols» such as SAML or OIDC – these also known as «federated login» or «federated SSO».

How Does Single Sign-on With Nevis Work?

The Nevis Identity Suite offers the most comprehensive support for modern and earlier variants of single sign-on mechanisms. Our customers can cover all their application scenarios with a single platform and seamlessly migrate to the latest single sign-on standards as part of an evolutionary approach.

Single Sign-on for Hybrid Solutions

blue-plus blue-minus

Older applications do not support modern identity protocols such as SAML and OpenID Connect.

How can single sign-on support be guaranteed for these applications?

One solution could be to route all incoming data traffic to these applications through an access gateway first (e.g. our nevisProxy). This first requests the user to identify themself and only then allows them to access the secured application. A good access gateway will be compatible with many back-end applications, meaning that they can be connected behind the access gateway without any modifications and new programming. The access gateway ‘translates’ the authentication language, so to speak, into that of the back-end application:

  • The user tries to access an older local application.
  • The Nevis access gateway (on-premise) intercepts the request and forwards the user for authentication by Nevis in the cloud (using Nevis/Azure as an example here).
  • The authenticated user can now access the legacy application on site.

Nevis can also secure web applications that do not provide native support for SAML or OpenID Connect. This is often necessary since companies that are migrating to the cloud must support local applications and legacy applications that require alternative authentication mechanisms. These include:

  • HTTP header-based authentication
  • Form-based authentication
  • URL-based authentication
  • SAP-SSO logon tickets
  • Dynamic X.509 certificates

Federated Single Sign-On

blue-plus blue-minus

Federated SSO describes the setup of a trustworthy connection between different companies and third-party providers – in this way exchanging identities and authenticating users across all domains. If two domains are connected, users can authenticate themselves on one domain and then access resources in the other domain without having to log in separately.

We talk about federated SSO if one of the three most important federation protocols is used to implement Single Sign-On functionality:

  • SAML
  • OpenID Connect
  • WS-Federation (no longer in widespread use)

Social Login

blue-plus blue-minus

We describe social logins as Single Sign-On mechanisms that are provided by companies such as Google or Facebook. From a technical perspective, these are «federated login mechanisms».

Social login is a special form of SSO in which social network identities are used as authentication. The best-known social logins are:

  • Facebook
  • Google
  • Apple login
  • WeChat in China

Technically speaking, social logins are often based on the OpenID Connect protocol. They offer users a simple method of logging into an application without having to create a separate account and password for the app.

The Nevis Identity Suite can be configured to suit your requirements and you can easily add social logins to your login screens. Google, Facebook, Apple and Microsoft are currently supported.

User Account Linking

blue-plus blue-minus

This function allows the end user to link their basic account with multiple additional identity providers. In this case, two existing user profiles are combined into a single profile. When the accounts are linked, a primary and a secondary account must be specified. As a result, a user can authenticate themself from each of their accounts and will still be recognised by all the linked apps.

This makes it possible to log into every identity provider with creating a separate profile for each one. Users can also use their existing profile to set up a passwordless login.

s-question

Do you have questions about Customer Identity and Access Management?

We’re here to help – with personal consultations, reliable support and smart solutions. We would be happy to show you the advantages of the Identity Suite from Nevis in detail.

Contact Us!

Advantages of Single Sign-On

Identity management applications from Nevis boost the security and productivity of companies. They also contribute significantly to reducing internal costs and expenditure on security.

More Security

SSO reduces the number of passwords required and makes life easier for your end users. They no longer have to remember dozens of passwords and are no longer tempted, for the sake of convenience, to use one password for multiple portals. Always remember: passwords are no longer a major obstacle for today’s cybercriminals.

Optimum Customer Experience

We all know how tiresome it was having to use a different password for every user account. With SSO, it will now be possible to authenticate yourself conveniently once for different web portals. Ease of use is a key factor that influences customer loyalty – and SSO has a major role to play in making your offering attractive to customers.

Boosting Productivity  

Single sign-on gives your employees rapid access to all the information they need for their work – so they have more time to look after the things that really matter.

Reducing IT Costs

The fewer passwords in circulation, the less time your IT helpdesk must spend dealing with password problems. This will save you more time and money than you might have thought possible!

Download-wp-Suite

Are there still unanswered questions about Single Sign-On?

Get our free white paper now and receive comprehensive information.

Download White Paper