What is single sign-on?
Single sign-on (SSO) is an authentication method that allows users to securely log into multiple applications and websites using a single set of credentials through an identity provider. So, instead of logging into each of your apps, you can just log into one workspace and access all of your available tools.
How does SSO work?
SSO operates based on trust between a service provider and an identity provider. It's often built on a digital certificate that is being exchanged between the two. This certificate can be used to validate the information passed from the identity provider to the service provider, allowing the service provider to confirm the source's identity.
At Creatopy, we are currently offering two identity provider protocols (OpenID and SAML), with more to be added in future iterations.
What are the benefits of using SSO?
Many benefits come along with an SSO authenticator, which includes:
- Improves password policy;
- Reduces password fatigue;
- Decreases password management load;
- Lessens password-related incidents involving the IT department;
- Boosts overall productivity due to faster logins and fewer lost passwords;
- Centralizes the organization's control across all systems;
- Diminishes the risk of data breaches due to relocating ID/authentication data off-premises;
- Allows users to access their applications more quickly.
Activating SSO in Creatopy
Before you can start configuring your SSO settings, you will first have to activate it. You can do this by browsing through the Team settings panel -> Single sign-on -> Enable SSO.
Configuring your protocol
Configuring your SSO login will require assistance from your IT technician as a connection must be established and configured from within your service and domain provider.
You can locate your configuration details in the SSO branch found in the Team Settings panel after you've selected your protocol of choice (OpenID or SAML).
- Configuring OpenID
For the OpenID configuration, you will first have to set up a connection between your domain and our application.
To do this, you can create a new txt record in your domain, attach the txt record provided in your Creatopy configuration panel, and paste your domain URL into the required field.
Once your domain gets validated, you can start configuring your URI's along with your identity provider information. Just copy the Sign-in and Sign-out redirects into your service panel, and fill in the required fields containing the Client ID, Client Secret, and Autoconfig URL.
- Configuring SAML
Just like in the case of OpenID, you will first have to set up your domain using the txt record provided and paste your domain URL in the required field.
Once your connection is validated, you can copy the Single sign-on service URL and Service Provider Entity ID from the settings panel and paste them into the set-up panel of your identity provider.
After this step, your identity provider should provide you with an Autoconfig URL that you will have to paste into your Creatopy SSO panel before selecting Test connection & finish set-up.
If the process was successful, you should be notified through a marker found at the top of your SSO page, which will appear as active.
Note: If you decide to switch between OpenID or SAML at any point, your currently verified domain will remain untouched.