Next Generation Single Sign-On Solution

single sign-on

IT admins are ready for a next generation single sign-on (SSO) solution. Conventional SSO solutions have merely been add-ons to the on-prem identity provider (IdP), primarily Microsoft® Active Directory® (AD). However, as the world moves to the cloud, many IT organizations are looking to move past their aging on-prem infrastructure, including their IdP. For them, the question becomes, how do you advance your SSO and identity management into the next generation, without AD on-prem?

One answer is to leverage JumpCloud®  Directory-as-a-Service®, which combines the best of SSO and directory services all in one, cloud-based package. However, before we dive into the benefits of this next generation single sign-on solution, we should discuss the development of SSO from a high level.

Single Sign-On Development

saml example

SSO solutions were introduced in the mid-2000s as web applications gained popularity in the enterprise. However, Microsoft arguably pioneered the concept of SSO when they introduced Active Directory in 1999. At the time, IT networks were on-prem and predominantly revolved around the Windows® operating system. IT organizations built and maintained private data centers on-prem, and it was all tied together by an on-prem AD domain controller used to authenticate user access. The benefit of this approach was that users could access virtually all of their IT resources by simply signing on to their system. In other words, they had a single sign-on experience.

It was nice while it lasted. However, the IT landscape started to change a few years later when web applications like Salesforce and Google Apps (a.k.a. G Suite) came to market. The trouble with cloud services such as these was they could not be bound to an on-prem Active Directory domain controller. Consequently, IT admins were unable to manage them with AD. It was this limitation that created an opportunity for first generation Identity-as-a-Service (IDaaS) solutions like web application SSO.

SSO solutions have proven to be useful. The trouble is they are effectively add-ons to the the on-prem identity provider (i.e., AD, OpenLDAP). In other words, they don’t serve as a (Read more...)

*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/next-generation-single-sign-solution/

Vince Lujan

Vince is a documentation and blog writer at JumpCloud, the world’s first cloud-based directory service. Vince recently graduated with a degree in professional and technical writing from the University of New Mexico, and enjoys researching new innovations in cloud architecture and infrastructure.

vince-lujan has 149 posts and counting.See all posts by vince-lujan