Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials. It asks the users to enter their credentials to log in to an application only once.
Single Sign-On (SSO) works by creating a trust between two systems: one that provides the identity (called the identity provider, like Azure) and one that provides the service (called the service provider, like an app or website).
This trust is usually set up by exchanging a certificate between the two systems. The certificate helps ensure that any information shared about a user's identity (like their email or username) is secure and comes from a trusted source.
In SSO, this identity information is sent in the form of tokens. These tokens include details about the user and are used to verify their identity, allowing them to log in without needing to enter credentials multiple times.
The login flow usually looks like this:
NOTE
Quixy allows the setup of multiple SSOs to meet the needs of different departments or subsidiaries.
For example, a parent company might use Azure for logging in, while its subsidiaries use Okta or Google. By configuring multiple login methods, each part of the organization can use the most suitable method, ensuring both security and convenience. Users are assigned the correct login based on their department or role, improving security across the organization.
NOTE
Each field contains a help text that explains what information is needed.
NOTE
Avoid disrupting the configurations when disabling or reestablishing SSO connections. Simply toggle the switch to easily turn on or off the specific SSO you wish to disable.
AD and LDAP can be configured as new SSO options, alongside other providers such as Azure, Okta, Google, and Auth0. Organizations can now set up AD or LDAP independently, without requiring backend support. AD/LDAP can support large organizations with complex hierarchies, making it easier to manage diverse login needs across departments or subsidiaries.
Many industries require stringent access controls. Using AD/LDAP as an SSO can help meet compliance requirements by providing secure, centralized user access management.