Identity Management Capability: Web Application Single Sign-On

Identity Management Capability: Web Application Single Sign-On

The IT market is more active than ever, with one category in particular becoming a popular topic. The identity management marketplace has picked up quite a bit of momentum due to advancements in fundamental technologies, such as mobile computing, the cloud, web apps, and much more. These changes are inviting IT admins to dive deeper into the identity management capability for web application single sign-on (SSO) solutions.

The Cambrian Explosion of Web Apps

Shift LDAP Cloudward

The early identity and access management (IAM) market during the late 1990s to the beginning of the 2000s was fairly straightforward. The center of the IAM universe was Microsoft® Active Directory® (AD), which connected users to the on-prem, Windows-based network, laptop or desktop, and applications. This approach worked while everything stayed Windows-centric and on-prem, but started to break down as web applications started to emerge.

Salesforce® started off what some would call the “Cambrian Explosion” of web applications. Salesforce was one of the first web apps to gain significant market traction due to its overall impact and usability in the workplace. In its wake came solutions such as Dropbox™, G Suite™ (formerly Google Apps), Office 365™, and Slack. These applications and tens of thousands of others emerged to serve essentially every part of an organization. The challenge for IT admins quickly became how to connect and secure access to these web applications for their users. Active Directory wasn’t built for these new, non-Windows, off-premises IT resources.


Since AD couldn’t keep up with this new wave of web apps, the result was a generation of IDaaS (Identity-as-a-Service) vendors that appeared to solve the issue. They would leverage AD identities and federate them to web applications. End users could then go into a web portal and launch their application. Given the circumstances, this represented the most convenient approach for many years—use Active Directory as the foundation and then build on top of it with solutions such as web app SSO, identity bridges, multi-factor authentication (MFA/2FA), identity governance, and much more.

Of course, the downside of this approach is that more solutions meant more moving (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at:

Zach DeMeyer

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

zach-demeyer has 147 posts and counting.See all posts by zach-demeyer