or

1.5. Single Sign-On

Single Sign-On (SSO) is one of the ways of authentication that enables users to use one set of login credentials to securely access multiple applications.

In addition to being much simpler and more convenient for users, SSO is widely considered to be more secure. The full list of the advantages of using SSO are the following:

Additionally, the tech requirements listed below should be met in order to set the Single Sign-On functionality successfully:

  1. User management. The user is needed to be added to Fluix in advance by the admin to be able to login in using SSO.
  2. Corporate domain integration. The company’s domain needs to be specified in Fluix and it should match the email domain of the users for the particular company. Let’s say, the domain that was specified by Admin in Fluix is readdle.com, therefore, the emails of the users who are going to login to Fluix account using SSO should be corresponding with this domain, e.g. user@readdle.comuser2@readdle.com, etc.
  3. Multi-accounts restriction. In case there are some users who have different email domains within the same company account (e.g., user@readdle.comuser2@fluix.iouser3@gmail.com) the company Admin will need to select only one email domain that will be used for the SSO. Other users having different email domains will not be able to login in using SSO.
  4. SAML authentication standard. The identity provider, which specifies the user name, is required to return the NameID value of the user email address in Fluix. There could be also another attribute that may contain the email address, though, a custom attribute name will be needed to be configured on the company’s end in Fluix settings. 
  5. Identity Provider Compatibility. Any identity provider for authentication (Okta, Auth0, Microsoft AD, etc) can be used in Fluix, and any of them are compatible with our system.
  6. Verification certificate. The certificate file that will be added on the company’s end needs to contain the public key so that Fluix could verify sign-in requests and the SAML response sent to Fluix in order to make sure that SSO assertion was received from a particular company’s account and wasn’t modified during transmission. 

Learn how the Single Sign-On functionality works and the way it can be implemented for your account in the article about Security Settings.