SSO in Knowledge XChanger – Single Sign On for easier access

Single sign-on (SSO) is a user authentication process that permits a user to enter one name and password in order to access multiple applications/resources. The process authenticates the user for all the applications they have been given rights to and eliminates further prompts when they switch applications during a particular session.

The SSO benefits are understandable with reduction of; password fatigue from different user name and password combinations, time spent re-entering passwords for the same identity and IT costs due to lower number of calls about passwords.

In an enterprise using SSO software, the user logs on with their id and password. This gains them access to information and multiple applications such as the Knowledge XChanger portal. Single sign on software is a stronger form of authentication which includes digital certificates. Single sign on takes place between enterprises using federated authentication. For example, an employee may successfully log on to their enterprise system. When they click on a link to Knowledge XChanger, the business partner’s single sign on system (Federation Server) will provide a digitally signed security assertion token using a protocol like SAML.

Different SSO solutions/configurations

  • Integrated Windows Authentication (Kerberos based): Initial sign-on prompts the user for credentials to access the network.
  • Security Assertion Markup Language (SAML): An XML standard that allows secure web domains to exchange user authentication and authorization data.
  • Active Directory Federation Services SSO: Windows AD FS supports Web single-sign-on (SSO) technologies that help information technology (IT) organizations collaborate across organizational boundaries.
  • SiteMinder Federation SSO: Provides users seamless, easy access to applications with a federated single sign-on (SSO) across the underlying domains.

SAML-based SSO in Knowledge XChanger

Comintelli offers a SAML-based Single Sign-On (SSO) service that provides customers with full control over the authorization and authentication of hosted user accounts that can access the Knowledge XChanger application. Using the SAML model, Comintelli acts as the service provider (SP) and provides the Knowledge XChanger service. The customer act as identity providers (IdP) and control usernames, passwords and other information used to identify, authenticate and authorize users.

By: Stefan Wendin