What is SSO?
Single Sign-On (SSO) is an authentication method that allows users to access multiple applications with a single set of credentials, streamlining the login process and enhancing security. By using SSO, users can log in once through their organization's user directory and gain access to the Verato user interface without needing separate credentials.
How Verato Implements SSO
Verato offers SSO functionality to allow customers to use their organization's own user directory for authentication when accessing the Verato user interface. This means that instead of logging in separately to Verato, users can authenticate through their organization's existing system Identity Provider (IdP), making the login process more efficient and secure.
Key Components of SSO
To understand how SSO works with Verato, it's important to know the two main components involved:
- Identity Provider (IdP): This is your organization's user authentication system. It verifies the user's identity and provides authentication tokens to access the service provider's applications.
- Service Provider (SP): This is the Verato user interface application. It relies on the Identity Provider to authenticate users.
Verato offers SSO authentication for user interface logins only -- but not for API logins.
Verato's SSO Capabilities
Here are the key features of Verato's SSO support:
- Connect Your IdP/SP: Integrate your Identity Provider with Verato's Service Provider to enable SSO.
- Federated SSO through SAML: Verato supports Security Assertion Markup Language (SAML) for federated SSO, allowing seamless authentication across different domains.
- Federated Logout: This feature ensures that when a user logs out of Verato, they are also logged out of the Identity Provider and other connected applications, provided the IdP is configured for Single Logout (SLO).
High-Level Security Requirements
Verato ensures high security standards for SSO, including:
- Two-Factor Authentication: Users must authenticate with a username/password combination plus a secure second factor, such as a one-time passcode or a multi-factor authentication app on their smartphone.
- Session Timeout: Verato's session timeout policy remains in effect, logging users out of the interface after 15 minutes of inactivity. If a user is idle for more than 15 minutes, they are logged out of Verato. If the Identity Provider is configured for SLO, the user will also be logged out of the IdP and other connected applications.
Our Process for SSO Configuration
To set up SSO with Verato, our customers work directly with our customer service team to determine the exact requirements and configure the SAML SSO integration. More details and additional resources are available upon request through our secure Zendesk Support Portal.