Release note 2021.11.11 - SSO

SSO – Single Sign On

Single sign-on (SSO) is an authentication tool that allows users to access any integrated app with just one password via a pop-up widget or login page. Instead of twelve passwords a day, with SSO you only need one. Users no longer need to remember and enter multiple passwords or reset forgotten ones. Users can also access a range of platforms and apps without having to log in each time.

Husky's SSO uses Security Access Markup Language (SAML), an open standard that converts text to machine language and enables the exchange of identifying information. It is one of the most important standards for SSO and is used by application providers to send correct authentication requests. SAML 2.0 is specially optimised for web applications and allows data to be transferred via a web browser.

The advantages of single sign-on are

  • Simplicity for the end user
  • The end user is more productive
  • Provides the opportunity to tighten up the single sign-on procedure and make the network more secure
  • Only one password to remember (the number of password recalls or resets will decrease)
  • Login process is simplified
  • The advantages of SSO
  • No reuse or passing on of passwords possible
  • Reduced attack opportunities (makes your organisation less vulnerable to phishing attacks)
  • Seamless and secure user access (provides real-time insight into which users are using applications at what time and from which location.
  • Easier control of user access
  • Independent and productive users: SSO authentication eliminates the need for manual monitoring and provides instant access to thousands of apps with a simple mouse click.
  • Future-proof: With SSO as a basis, your organisation is in a favourable position for future security optimisation

How to set up SSO in Husky?

The first step is to contact your account manager, who must activate SSO in your account. 

When the account owner logs into the back-end after activation (ONLY the account owner!), he will see an additional item in his menu to set up the connection:

The account owner must copy the Reply URL and place it in the Single sign-on configuration in Azure AD and copy the required information from there to Husky SAML2 auth settings.

After the account owner has added all the information and clicked the Save button, the settings are validated. He will see a success or error message. In case of an error message (meaning an invalid setup) the user should click on the back button in the browser, go to the setup, correct the settings and try again until the success message appears. If password auth is disabled - it will not apply until the settings are validated!

Once password auth is disabled, members of this account cannot log in with email/password auth. If SAML2 auth setting becomes invalid - user will not be able to log in at all! The only way to log in is to set the disable password auth to false. This can only be done by the Husky account manager via the back office.

Latest update:18 November 2021