Single Sign-On (SSO) - Solution Description

Modified on Wed, 18 Jan 2023 at 05:03 PM

Description

Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials, managed by their company. Schema App now supports your organization’s authentication system.


Who has access to this feature?

Any Enterprise client.


Minimum Requirements

Schema App supports SSO using the SAML 2.0 standard via Okta, Azure, OneLogin, or a similar platform, as long as it supports SAML 2.0 directly to the Service Provider.


How it works:


SSO is based on trust relationships between service providers (Schema App) and identity providers (like Azure, OneLogin, Okta, etc., hosted by your organization).


There are two ways to sign in. Below is the process overview:


  1. Initiated by Identity Provider (IDP)

    1. The user logs in to the Identity Provider (Azure, OneLogin, etc.).

    2. After successful login, the user sees the Schema App application in the list of applications.

    3. The user clicks on Schema App and is redirected to the Schema App application website (https://app.schemaapp.com/login).

    4. Authentication is handled seamlessly.

  2. Service Provider Initiated (Initiated by Schema App)

    1. The user browses to the application, i.e. the Schema App application website (https://app.schemaapp.com/login), enters their email, and tries to log in.

    2. The user is redirected to the identity provider for identity verification, where the user will log in if required.

    3. Once login is successful, the user is redirected to Schema App’s application website.

    4. If the authentication is successful, the user is redirected to the Schema App application website.


As our customer, you can choose which login method you prefer: IDP initiated, Service Provider initiated, or both.
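The two flows look different on the wire: in SAML 2.0, a response to a Service Provider initiated login carries an InResponseTo attribute that echoes the ID of the request the service provider sent, while an IDP initiated (unsolicited) response has none. The following Python example is added here for illustration and is not Schema App's code; the function name, the allowed_flows setting, and the sample messages are constructed assumptions.

```python
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"

# Constructed sample responses; assertion and signature omitted for brevity.
SP_INITIATED = (
    f'<samlp:Response xmlns:samlp="{SAMLP}" ID="_r1" Version="2.0" '
    'InResponseTo="_req42"/>'
)
IDP_INITIATED = f'<samlp:Response xmlns:samlp="{SAMLP}" ID="_r2" Version="2.0"/>'


def classify_response(xml_text, pending_request_ids, allowed_flows):
    """Return "sp" or "idp" for an acceptable response, else raise ValueError.

    pending_request_ids: set of AuthnRequest IDs this SP issued and is awaiting.
    allowed_flows: subset of {"sp", "idp"} chosen for the tenant (hypothetical).
    """
    # A real service provider verifies the XML signature before trusting any
    # field and parses untrusted XML with a hardened parser.
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{SAMLP}}}Response":
        raise ValueError("not a SAML 2.0 Response")

    in_response_to = root.get("InResponseTo")
    flow = "idp" if in_response_to is None else "sp"
    if flow not in allowed_flows:
        raise ValueError(f"{flow}-initiated login is not enabled")

    if flow == "sp":
        # Must answer a request we actually sent; consume the ID so a
        # captured response cannot be replayed against the same request.
        if in_response_to not in pending_request_ids:
            raise ValueError("InResponseTo matches no pending AuthnRequest")
        pending_request_ids.remove(in_response_to)
    return flow


if __name__ == "__main__":
    pending = {"_req42"}
    print(classify_response(SP_INITIATED, pending, {"sp", "idp"}))   # sp
    print(classify_response(IDP_INITIATED, pending, {"sp", "idp"}))  # idp
```

Restricting a tenant to Service Provider initiated login lets the service provider reject any response it did not ask for, which is why the choice of login method is also a security setting.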



Architecture Flow:

  1. Service Provider Initiated login (initiated by Schema App)

  2. IDP initiated login (after the user clicks the Schema App tile in the application list on the IDP dashboard)

Features:

  • Easy and secure way for users to log in to various applications.

  • Improved user experience by avoiding interruptions caused by password requests.

  • One-click login to applications.



Security Features:

  • Administrators can enable or disable the user on multiple applications at once.

  • Reduced risk of users forgetting credentials, since they do not have to remember them for multiple applications.

  • Trust between Identity Provider and Service Provider makes it difficult for third parties to get access to applications.




What User Data Does Schema App Store?


Schema App stores the following user data:

  1. The user's Identity Provider
  2. The attribute data provided by the Identity Provider (e.g., name, email, address, role, etc.)
  3. Whether the user arrived in Schema App via SSO for the first time or is an existing user
  4. The user's username from the SAML SSO login




Interested in implementing SSO? You can reach out to support@schemaapp.com for more information and to initiate setup.

