Single Sign-On (SSO) - Solution Description

Modified on Thu, 27 Apr 2023 at 03:26 PM

Description

Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials, managed by their company. Schema App now supports your organization’s authentication system.


Who has access to this feature?

Any End-to-End Schema App Solution customer.


Minimum Requirements

Schema App supports SSO using the SAML 2.0 standard via Okta, Azure, OneLogin or a similar platform, as long as the platform supports SAML 2.0 directly to the Service Provider.


How It Works:


SSO is based on trust relationships between service providers (Schema App) and identity providers (like Azure, OneLogin, Okta, etc., hosted by your organization).


There are two ways to sign in. Below is the process overview:


  1. Initiated by Identity Provider (IDP)

    1. The user logs into their Identity Provider, such as Azure, OneLogin, etc.

    2. After successfully logging in, the user sees the Schema App application in the list of applications.

    3. The user clicks on Schema App and is redirected to the Schema App application website (https://app.schemaapp.com/login).

    4. Authentication is handled seamlessly.

  2. Service Provider Initiated (Initiated by Schema App)

    1. The user browses to the Schema App application website (https://app.schemaapp.com/login) and enters their email to log in.

    2. The user is redirected to the identity provider for identity verification, where the user will log in if required.

    3. Once login is successful, users will be redirected to Schema App’s application website.

    4. If the authentication is successful, then the user gets redirected to the Schema App application website.


As our customer, you can choose which login method you prefer: IDP initiated, Service Provider initiated, or both.
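
On the wire, the two flows differ in one attribute of the SAML 2.0 Response: a Service Provider initiated login carries an InResponseTo value that must match the AuthnRequest the service provider issued, while an IDP initiated (unsolicited) response carries none. The sketch below is an added example, not Schema App's code, showing how a service provider can enforce the chosen login method; the function name, the `allow_sp`/`allow_idp` flags and the sample messages are assumptions, and signature verification is assumed to have happened already.

```python
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"

# Constructed sample responses (signature and assertion omitted for brevity).
SP_INITIATED = (
    '<samlp:Response xmlns:samlp="%s" ID="_r1" Version="2.0" '
    'InResponseTo="_req-123"/>' % SAMLP
)
IDP_INITIATED = (
    '<samlp:Response xmlns:samlp="%s" ID="_r2" Version="2.0"/>' % SAMLP
)


def classify_response(xml_text, pending_request_ids, allow_sp=True, allow_idp=True):
    """Return 'sp-initiated' or 'idp-initiated', or raise ValueError.

    pending_request_ids is the set of AuthnRequest IDs this service provider
    issued and has not yet consumed. Hypothetical helper: it assumes the XML
    signature was verified first and that a hardened parser is used in
    production; the stdlib parser here only reads the constructed samples.
    """
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}Response" % SAMLP:
        raise ValueError("not a SAML 2.0 Response")

    in_response_to = root.get("InResponseTo")
    if in_response_to is None:
        # Unsolicited response: acceptable only if IDP initiated login is enabled.
        if not allow_idp:
            raise ValueError("IDP initiated login is disabled")
        return "idp-initiated"

    if not allow_sp:
        raise ValueError("Service Provider initiated login is disabled")
    if in_response_to not in pending_request_ids:
        raise ValueError("InResponseTo does not match an outstanding request")
    # Consume the request ID so the same response cannot be accepted twice.
    pending_request_ids.discard(in_response_to)
    return "sp-initiated"
```
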



Architecture Flow:

  1. Service Provider Initiated login (initiated by Schema App)

  2. IDP initiated login (After user clicks Schema App tile from Application list on IDP dashboard)


Features:

  • Easy and secure way for users to log in to various applications.

  • Improved user experience by avoiding interruptions caused by password requests.

  • One-click login to applications.



Security Features:

  • Administrators can enable or disable the user on multiple applications at once.

  • Reduced risk of users forgetting credentials, because they no longer need to remember separate credentials for multiple applications.

  • Trust between Identity Provider and Service Provider makes it difficult for third parties to get access to applications.


What User Data does Schema App Store?

Schema App stores the following user data:

  1. The Identity Provider of the User
  2. The attribute data provided by the Identity Provider (e.g. name, email, address, role, etc.)
  3. Whether the user landed in Schema App via SSO for the first time or is an existing user
  4. User's username from SAML SSO Login


Interested in implementing SSO? You can reach out to support@schemaapp.com for more information and to initiate setup.

