Single Sign-On (SSO) and user auto-provisioning
While authenticated by their organization's Identity Provider, users can access Community seamlessly without entering credentials. You can use SSO to enable users to seamlessly access Alida without entering credentials after they authenticate with your organization's Identity Provider (IdP). User auto-provisioning enables the centralization of Alida user management in your IdP.
What is SSO?
Single Sign-On (SSO) allows users to log in to Community with a SAML 2.0-enabled Identity Provider, such as Azure AD, OneLogin, and Okta. SAML (Security Assertion Markup Language) is a standard protocol that provides the Alida platform with a secure industry standard mechanism to integrate with your organization's login provider.
Setting up SSO requires configuration in both the Alida platform and your organization's Identity Provider.
Who should implement SSO?
SSO is an option for direct customers that want to retain control of access to applications used by their staff.
In addition to reducing the number of login credentials users need to remember, SSO is a simple method for controlling access to your Community members and their data. Should your IT or security department implement IP allowlisting, two-factor authentication, or specific password policies, a SSO implementation will likely meet their requirements.
What are user auto-provisioning and SCIM?
User auto-provisioning is the process of creating, updating, and deleting user accounts and their access rights using your Identity Provider (IdP) as the single source of truth.
For Alida, user auto-provisioning centers around the mapping of groups between the IdP and Alida. For example, a user assigned to the Administrator group in your IdP is provisioned to a mapped Admin group in Alida that grants them the Admin role.
System for Cross-domain Identity Management (SCIM) is an open standard protocol for automating user identity and access management across different IT systems and applications.
When you create, update, or delete a user in your identity provider (e.g., Microsoft Azure, OneLogin, or Okta), SCIM automatically pushes those changes to Alida.
Who should implement user auto-provisioning?
User auto-provisioning is most applicable for organizations that need to manage a large number of Alida users and want to reduce the administrative burden and security concerns with manually making changes to these user accounts.