Home >> Technical Notes >> Single Sign On - SSO
Single Sign On - SSO Print E-mail

A Single Sign On (SSO) system allows Business Users to request authentication once only to access several applications generally accessible via a portal. SSO can also mask the heterogeneity of the different authentication systems (login/password, pin, certificates, etc.)

FlowMind requires Business Users to be authenticated. Once this is done, Business Users can access their task list and FlowMind can keep an audit trail of their activities. Because FlowMind needs to know all potential users, is uses a User Manager Driver to connect to an application directory or a corporate directory (LDAP, databases). 

If a Business User wants to interact with FlowMind, they must open a session via the Interaction API. FlowMind can be configured to either deal with user authentication by login/password, or it may delegate the authentication to a third party. In this case, FlowMind only requires the user ID to open the session (Principal).

In the second scenario, user authentication may be handled by the SSO, thus preventing users from having to authenticate themselves several times. It is simply necessary for the SSO to know how to present the ID which corresponds with the user in the directory. 

There is another integration possibility between SSO and FlowMind which consists in developing a User Manager Driver to manage automatic registration. All unknown users who present themselves will become valid users. This is the case when FlowMind totally relies on the SSO system.