Single-sign-on (SSO) now available for Gandi Corporate customers
The security of our users is fundamental. That’s why, after long having offered two-factor authentication, we are happy to announce that Single-Sign-On (SSO) authentication via the SAML protocol is now available for Gandi Corporate Services customers.
What is SSO authentication?
“SSO” is the abbreviation for Single-Sign-On. This authentication method enables a user to connect to several accounts via a single username/password sign-in.
Essentially, following a complex exchange of information between an identity provider and Gandi, a user’s login information is exchanged in total security, enabling them to connect to any of Gandi’s services for which they have access rights.
Why use SSO authentication via SAML?
First of all, SSO authentication provides greater ease-of-use for users and account admins.
The user connects to all platforms using a single username/password entry.
For their side, an admin can only manage their business account list, and authorize access to users according to their area of activity on each application, to have more fine-tuned access rights. On the other hand, if an employee leaves, all of their access rights can be removed by the admin from their own account in the business account list.
In addition, with the continued growth of cyberattacks, assuring the protection of online accounts is all the more crucial. Using an SSO system of authentication on different external accounts becomes progressively more normal in order to:
- ensure and master the level of authentication security desired by the business,
- manage access to all employees from a single place (and therefore avoid inevitably forgetting to remove access otherwise)
How do I implement the SSO authentication system?
Use of the SSO authentication system is open to all customers subscribed to the corporate pack who have also activated the SAML option.
After signing up for the corporate pack, activating SAML is possible from the “Organization” tab under “Tools.”
To activate SSO via SAML, the administrator fills out the following data in the configuration form:
- URI of identity provider’s metadata (where the IdP metadata file is stored)
- Gandi URL slug, which will be the link enabling users to directly connect
- Email used in the business directory
After submitting the form, the data are sent to Gandi who then provides an XML document. The admin should copy this XML document to their SAML configuration in order to activate the SSO authentication system at Gandi.
And there you have it, your SSO authentication via SAML is active!
For more information about the SSO authentication system, feel free to contact your Gandi Corporate Services account manager or to email us at firstname.lastname@example.org.Tagged in corporateSecurity