The Single Sign-On (SSO) process simplifies user access by enabling them to log in to multiple applications and websites using a single set of credentials. The Rivet platform leverages an SSO process. This not only enhances user experience but also increases security. The process typically involves the following steps that are explained in this article.
Understanding the Single Sign-On (SSO)
Benefits of SSO for Your Organization
Setting up SSO
Managing users with SSO
Multi-Factor Authentication with SSO
1. Understanding Single Sign-On (SSO)
SSO is an authentication method that allows users to log in to multiple applications and websites using just one set of credentials, such as an email address or a social media account. In the context of Rivet, SSO enables users to access the platform without needing to remember an additional username and password. This streamlines the login process and reduces the risk of password-related security breaches.
Organizations use user directory services, such as Active Directory and Google Workspace, which can act as identity providers for SSO. An Identity Provider (IdP) is a system or service that manages and stores digital identities for users, and provides authentication and authorization services to other systems or applications. Rivet currently supports SSO via the Security Assertion Markup Language (SAML) standard, which allows for secure communication between identity providers and service providers.
2. Benefits of SSO for Your Organization
Enhanced user experience: Users no longer need to remember multiple sets of credentials for different applications.
Increased security: Reduces the risk of password-related breaches and enables centralized control of user access.
Improved efficiency: Simplifies user management and streamlines the onboarding process.
3. Setting up SSO
To set up SSO for your Rivet account, follow these steps:
Go to Account Settings by clicking on your account name in the top right corner
Then you will click on account.
Click on "Authentication" on the Account page.
Find the "Identity Provider" box on the Authentication page. Use the information under Rivet Service Provider details to generate an XML file from your Identity Provider.
Click on the "Upload and enable" button.
Either click on the box to select or drag the Identity Provider XML file into the box. Click upload to use this file and start using single sign-on.
All users will be prompted to log in with a single sign-on the next time they log in. Note: currently logged-in users will not be logged out.
4. Managing Users with SSO
With SSO enabled in your Rivet account, there are several ways to set up new users:
Admins can send a new user the login URL found under Authentication in settings. This self-serve link will prompt the user to log in with the relevant Identity Provider, creating the Rivet user.
Admins can also manually add users to Rivet. After creating the user in Rivet, they will receive an email prompting them to log in using the relevant Identity Provider.
5. Multi-Factor Authentication with SSO
Setting up Multi-Factor Authentication (MFA) with your Identity Provider is an additional way to enhance the security of your authentication process. When setting up MFA, organizations should select the most appropriate combination of authentication factors that balance security and usability. Integrating MFA with your Identity Provider allows you to enforce consistent authentication policies across all of your connected applications and services
If you have any additional questions about the Single Sign-On implementation or its benefits, feel free to chat in or send an email to success@rivethealth.com.
Suggested next article - Managing User Permissions