Contact us

Single Sign-On vs Credentials login

Table of Contents

What are the differences between both systems?

  • Single Sign-on (SSO): is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials, for example, outlook credentials.
    • Pros: user doesn’t need to create a password and it’s a quick login.
    • Cons: requires technical implementation.
  • Credentials: user logs in with their work email address and a password they have created.
    • Pros: no need of technical implementation.
    • Cons: user needs to type the credentials every time they log in, if they forgot the password they need to create a new one.

Should I configure atwork suite to login via SSO or via credentials? #

Answer the below questions to find your better login type:

  • In your company, do you work with a centralized credentialing system (SSO)?
  • In your company, do you have an IT department?

If your answer is yes to both questions, SSO is your best login type.

If your answer is no to both questions, credentials is your best login type.

If in one of the questions your answer is yes, you can read the below documentation to check if you have the data required to login via SSO.

Which data atwork needs for configuring your platform with SSO #

Below we explain what you need to do and which information you need to provide to atwork to be able to set up SSO.

Identity provider requirements #

The identity provider your company is using, for example Azure Active Directory, should support:

It should support OpenID connect.
It should be able to include the user email address in the token. These email addresses must be the same as those used to register users in your atwork suite.

Steps to configure your identity provider #

  1. Register a new app for atwork suite in your identity provider.
  2. Authorize the endpoints for redirection to your atwork app domain/sso. For example: if the domain of your atwork app is https://ssoexample.atwork.ai, the redirect should point to https://ssoexample.atwork.ai/sso.
  3. Activate Access token and Id token, both.
  4. Configured access token and id token to add the email claim.

Data to provide to atwork #

  • SSO ISSUER/CONNECTION URL: the URL for the connection with the OpenID of the application registered in your identity provider. For example, if you use Azure, the URL would be https://login.microsoftonline.com/xxx/v2.0
  • SSO CLIENTID: the application ID for clients of the application registered in your identity provider.

Both data should be able to be found in the application registered with your identity provider.

What are your Feelings

Powered by BetterDocs

Turn employee feedback and HR data into action – with AI

Support
Contact
Help Center
Switzerland
Steinstrasse 21
8003 Zurich
Spain
Av. de Reina Victoria 35
39004 Santander
Resources
Articles
Atwork
Platform
Company
Pricing

© Copyright 2024 All Rights Reserved.

Imprint
Data Protection
Contact