Single sign-on (SSO) is one of Secure Privacy’s features for enterprises. It allows your organization to manage access to your Secure Privacy account more easily by making it integrated with your existing identity provider. The advantage of this feature is that it eliminates the need to have separate credentials (usernames and passwords) to login to Secure Privacy, since users will use their existing organization credentials. This makes all operations related to authentication more secure and convenient. This includes: changing the password, forgetting the password, adding or revoking access, etc.
Out of the box, Secure Privacy provides support to integrate with any OpenID Connect system, which includes most major open-source or commercial identity providers like Okta, OneLogin, Ping Identity, Centrify, and others.
To integrate with your system, our development team will work with the IT/security team to configure your identity provider and create a client specific to Secure Privacy in it. This will allow you to have granular control over who can use your Secure Privacy from your organization and their exact permissions. By creating this client, you will be able to provide a Client ID and Client Secret to Secure Privacy team, which will be used to verify that all authentication requests coming to your system are actually coming from Secure Privacy. These extra verifications system will add more security layers to your system without any extra configuration needed from your side.
Secure Privacy team will also meet with your IT/security team to discuss how you want to manage access levels, and that will be communicated from your system to Secure Privacy using “claims”, a feature common in identity providers to communicate attributes about each user, e.g. their role or department. For example, if your organization maintains a different website for each product, you can give each client team access to manage only their website’s banner from Secure Privacy without accessing or affecting any other websites.
If you use any identity provider that doesn’t support OpenId Connect, please let us know and we would be happy to work with you to integrate with your existing system.