Single Sign-On: Integrated SaaS and PaaS User Experience

With SaaS adoption increasing, IT systems are moving to enterprise cloud solutions, with a hybrid landscape as an extension to their on-premises applications. User experience plays a vital role, and offering robust user authentication/authorization with a seamless single sign-on experience has become a key business driver for enterprises implementing SaaS/PaaS solutions.

Enterprise expectations on User experience

Customers are looking for faster, seamless solutions for user onboarding, and for enhanced performance and increased productivity through quicker access to cloud applications for enterprise users.

Enhanced security, unified user authentication and single sign-on leveraging the enterprise's existing Active Directory services have become the customer's choice for enabling enterprise users to access cloud applications seamlessly.

What is Single Sign-On

Single Sign-On (SSO) enables users to log in to one cloud service and access other cloud applications without entering their credentials again, giving them a seamless navigation experience across multiple cloud applications.

Why SSO is desirable in Enterprise Cloud

•    Seamless federated SSO capabilities for SaaS/PaaS, which enable users to access PaaS-based extensions through SaaS applications without signing in multiple times.

•    Enables the enterprise to provide fast, secure access to applications for employees and business partners

•    Hassle-free cloud application navigation for users, with fewer failed login attempts and password resets.

•    Centralized management of authentication and authorization, leveraging a dedicated identity provider for user authentication and a service provider for user authorization for application access

•    Centralized framework for security and compliance

How Oracle IDCS becomes a preferred Identity management solution for Enterprise needs

Oracle Identity Cloud Service (IDCS) provides a comprehensive integrated solution that offers identity management, Single Sign-On (SSO) and identity governance for applications hosted on-premises and in the cloud.

Oracle IDCS also integrates with existing identity management systems and directories so that enterprise users can get access to cloud applications.

Oracle IDCS unique offerings for seamless Single sign on enablement for SaaS/PaaS

•    User life cycle management using standard SCIM interface

•    Federate user authentication using on-premises identity providers like Oracle Access Manager or various third-party SAML identity providers like Azure AD, Okta, OneLogin, PingFederate etc.

•    Automated user provisioning from Cloud or On-Premises Identity Providers.

•    Support SAML based authentication for Identity federation and enabling single sign-on

•    Interactive UI which requires less configuration to enable SSO for SaaS and PaaS cloud applications

•    Efficient management of profiles and user account passwords, with self-service user registration

•    Can be leveraged as identity provider for user authentication and as service provider for user authorization and role-based access management

•    Pay-as-you-go offering: customers pay only for what they use, which helps the enterprise reduce cost.

•    Enhanced security offerings like multi-factor authentication (MFA), giving enterprise cloud applications multi-layer security.

Identity federation and Single Sign on enablement in IDCS – Implementation steps

Identity Federation

•    Register external Identity Provider in IDCS
•    Configure IDCS as Service Provider in external IDP
•    Synchronize user identities from external Identity Providers
•    IDP Policies to enforce default Identity Provider Authentication
•    Test the federation trust between Identity provider and Service Provider

Single Sign-on Enablement

•    Register SaaS/PaaS service as SAML Application
•    Configure Assertion Consumer endpoints
•    Configure SSO Endpoints and Access signing certificate
•    SSO Attributes mapping for respective SaaS/PaaS Services
•    SAML Application Activation and test SSO endpoint access
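
A pre-activation check for the service-provider side of the steps above, as an added example that is not from the original post or from Oracle: it parses standard SAML 2.0 SP metadata and flags an ACS endpoint that is not HTTPS, assertions that are not required to be signed, and signed requests declared without a signing certificate. The metadata document, entity ID, URLs and finding codes are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed SP metadata; entity ID, URLs and certificate are placeholders.
SAMPLE_SP_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://sp.example.com/saml">
  <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="false"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo><ds:X509Data><ds:X509Certificate>PLACEHOLDER</ds:X509Certificate></ds:X509Data></ds:KeyInfo>
    </md:KeyDescriptor>
    <md:AssertionConsumerService index="0" isDefault="true"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="http://sp.example.com/saml/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def is_true(value):
    """xs:boolean accepts both 'true' and '1'."""
    return (value or "").strip().lower() in ("true", "1")


def audit_sp_metadata(xml_text):
    """Return a sorted list of finding codes for one SP metadata document."""
    # Input here is a trusted inline string; parse third-party metadata
    # with a hardened XML parser instead.
    root = ET.fromstring(xml_text)
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        return ["no-sp-descriptor"]
    findings = set()
    if not is_true(sp.get("WantAssertionsSigned")):
        findings.add("assertions-not-required-signed")
    # A KeyDescriptor without a 'use' attribute serves signing and encryption.
    signing = [k for k in sp.findall("md:KeyDescriptor", NS)
               if k.get("use", "signing") == "signing"
               and k.findtext(".//ds:X509Certificate", "", NS).strip()]
    if is_true(sp.get("AuthnRequestsSigned")) and not signing:
        findings.add("signed-requests-without-signing-key")
    endpoints = sp.findall("md:AssertionConsumerService", NS)
    if not endpoints:
        findings.add("no-acs-endpoint")
    for ep in endpoints:
        if not ep.get("Location", "").lower().startswith("https://"):
            findings.add("acs-not-https")
    return sorted(findings)
```

Running `audit_sp_metadata(SAMPLE_SP_METADATA)` reports all three problems in the constructed document; a clean document returns an empty list.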

Summary

Identity federation and Single Sign-On are gaining momentum as enterprises need quicker onboarding of users and a hassle-free user experience when accessing SaaS/PaaS cloud applications. Customers who have selected Oracle IDCS have a resilient and robust identity management solution that addresses the various challenges of enterprise user identity federation and Single Sign-On enablement for SaaS/PaaS applications.

Author Details

Venkatesh Subramanian

Senior Technology Architect in the ORCMW unit. Areas of expertise include Oracle Cloud platform migration of SOA workloads, PaaS service administration, IDCS and Single Sign-On management etc.

COMMENTS(1)

  • Venkatesh, this is an excellent blog. IDCS plays a very pivotal role in SSO between SaaS and PaaS. Everyone should explore and implement IDCS in such scenarios.
