Greater Security in a Connected World
The development team are always striving to enhance the user’s experience of PlotBox. As we develop new functionality and features in today’s connected world, application security needs to be a top priority. With that in mind, we have implemented Single Sign-On (SSO) functionality to streamline (and further secure) the authentication process for users accessing PlotBox.
What is Single Sign On (SSO)?
SSO is a method of authentication that enables users to securely authenticate with multiple applications using just one set of credentials.
In relation to PlotBox, what this means is that a customer can sign into the application using their corporate Google Workspace credentials, or their corporate Microsoft Azure Active Directory credentials. They no longer need to maintain a separate set of credentials specific to PlotBox.
If a user is already logged into their corporate account, such as when using Gmail, then they will automatically be logged into PlotBox when they navigate to the site.
What is Security Assertion Mark-up Language (SAML)?
We have used Security Assertion Mark-up Language (SAML) as the standard for implementing SSO.
SAML is a standard for exchanging authentication data between parties, in the form of secure ‘request-response’ XML-based messages. There are two parties involved in this exchange:
- a ‘Service Provider’ (PlotBox) that initiates the exchange
- an ‘Identity Provider’ (Google Workspace or Azure Active Directory) that performs the authentication check and responds
So when a user attempts to log into PlotBox using their shared credentials, a ‘SAML request’ is sent to the Identity Provider with details of that user. The Identity Provider confirms whether or not the user should be authenticated, then returns a ‘SAML Response’ back to PlotBox. The user will be redirected appropriately based on the results of that response.
What are the benefits of using Single Sign On?
- There are many benefits of using SSO as an authentication method:
- Organisations can have centralised control over who has access to their systems.
- Users don’t need to maintain multiple sets of credentials, reducing the risk of credentials getting stolen.
- The user experience is improved and more seamless (no log-in screens).
- There may be a reduction in the number of credential-related helpdesk calls.
- Logins via SSO are now audited so we can ensure only valid users are accessing the application.
Giving the Customer Control
One further benefit of our specific SSO implementation is that users have the ability to configure SSO themselves, through a new ‘Security Settings’ module within the application.
Setup involves some simple configuration by customer IT departments to create a ‘SAML site’ on their end, then all they have to do is copy three values into this new module in PlotBox, and that’s it.
Of course, PlotBox Support are always available if assistance is needed!
We hope that the ease of setup and use will encourage more and more customers to adopt this secure approach to authentication.
Would you like to join our amazing team? Check out our current open roles here.