User administration
      Back to home
      1. Home
      2. User administration

      What is SSO?

      SSO stands for Single Sign-On, which is a method of accessing multiple applications or systems with just one set of login credentials.

      With SSO, a user only needs to authenticate once and can then access all the other systems or applications they are authorized to use without having to log in again.

      This can be a great convenience for users, as it eliminates the need to remember and manage multiple usernames and passwords. It can also improve security, as users are less likely to reuse passwords across multiple systems, and IT departments can more easily monitor and manage access to sensitive data and different systems and applications.

      SSO can be implemented in various ways, such as through the use of third-party identity providers, and this is what we do in Loopfront.

      In Loopfront, you as an organization, need to choose if you want one of the following aothorization methods:

      1) Username/password

      2) Social login via Google

      3) SSO

      If your organization has SSO configured for Loopfront, then it will work like this for the end user (in this example we are using Azure AD as Identity Provider):

      1. The user attempts to access Loopfront via https://loopfront.app
      2. When the user enters business email address in Loopfront's login page, Loopfront redirects the user to the Azure AD login page (Azure AD or other Identity Service Provider, depending on your organization's choice).
      3. The user enters their credentials (username and password) on the Azure AD login page.
      4. Azure AD verifies the user's credentials.
      5. If the user is authenticated, Azure AD generates an access token and sends it back to Loopfront.
      6. Loopfront uses the access token to authenticate the user and grant them access to the Loopfront application.

      When the user has done the steps above, it does not need to be repeated on the next sign on - the sign on then happens automatically.

      When Loopfront is integrated with Azure AD, the Loopfront user object can be automatically created for the user, on the first sign on. This means that the users do not have to explicit create a user in Loopfront at all.

      With Azure AD, roles can also be automatically set in Loopfront based on Azure AD group/roles.

      Overall, SSO with Azure AD or other Identify Service Providers can provide a seamless and secure authentication experience for users of a web application.

      If you want SSO to be set up for your organisation's Loopfront account, you need to give Loopfront information about what Identity Service Provider your organisation is  using (for instance Azure AD) and the following additional info (from your IT team): Directory Tenant IDApplication (client id), client secret and what domains you are using for logging in.

      Please contact support@loopfront.com if you want Loopfront to tell you more about the SSO possibilities and benefits for your organisation.