Implementing Stracl Webapp SSO (Single Sign-On) Using SAML for Authentication
Stracl Webapp is a cloud-based software to automate and accelerate change management, by providing dashboards, tools, and quizzes to promote stakeholder and executive engagement. It is primarily used by Change Management Professionals, Project Managers, Instruction Designers and Security Specialists.
Overview
As a cloud-based SaaS provider, Stracl Webapp requires that users enter their username and password before gaining access to the application. The login process is simple and straightforward; however, it requires that the users remember the web address, user id and password for their application. This may become a hassle for the end-users as well as unmanageable for the Stracl administrators when the number of mappers and managers grows to hundreds of users.
The purpose of this document is to explain how Stracl customers can implement Single Sign-On (SSO) to Stracl using Security Assertion Markup Language (SAML) protocol. The SSO using SAML protocol will take the place of the Stracl Webapp Login page.
Requirements
To implement Stracl SAML SSO, your company must already be configured to use SAML 2.0 protocol for Single Sign-On and be ready to serve as an Identity Provider.
Some cloud-based vendors that provide Identity Provider SSO solutions include Okta, Microsoft Azure, IBM, OneLogin, Centrify, and Salesforce to name a few.
What Stracl SAML SSO will provide
The Single Sign-On implementation will allow users to access Stracl after being authenticated, using their corporate identity and credentials within the company network. This eliminates the need for the users to maintain a separate login ID and password for Stracl. This is arguably the greatest advantage of using SSO as users can seamlessly and securely access Stracl with a single set of credentials entered once.
User authentication is provided by the company (Identity Provider). This provides a single point of authentication and increased security, as the user credentials do not leave the company firewall boundary. This also means that Stracl does not need to store or synchronize user identities, as inactive users are automatically denied access.
End-users will log in to your corporate SSO Cloud application, and then select Stracl from the list of corporate applications available. If the company choose not to publish Stracl on the SSO platform, they can provide the end-users an URL that will link to Stracl. The screen capture shows OKTA SSO platform, but your IT department may use a different SSO software that can accept and post responses using SAML.
Benefits
With Stracl SAML SSO, companies can see huge reduction in login-related help desk calls, and faster adoption for users to login and use the application.
Three benefits of using Stracl SAML SSO:
- Eliminate passwords and increase end user adoption. Increase usability and simplified access with federated Single Sign-On. No more sending out temporary passwords to hundreds of end users.
- Integrate seamlessly with corporate directories. Ensures that new users automatically gain access and inactivated users are denied access to the Stracl SaaS.
- Increased Security. Utilizes Security Assertion Markup Language (SAML), a widely used single sign-on protocol that is based on strong digital signatures for authentication and integrity. User authentication occurs inside the corporate firewall.
Roles, Responsibilities and Time Requirements
A Stracl IT resource will provide configuration information to your technical support that will include:
- Assertion consumer service (ACS) URL
- EntityID
- Subject type (username or federation ID)
Time Requirements: 1 - 2 Hours
Your company’s technical resource will need to provide configuration information to Stracl IT resource, then implement and test the integration. Examples and documentation on how to integrate with cloud-based SSO solution vendors like OKTA, Microsoft Azure, Centrify, OneLogin and Salesforce can be found online or provided by Stracl upon request.
Time Requirements: 1 - 2 Hours