How to ensure Single Sign On?
Single Sign-On (SSO) is an authentication mechanism that allows users to access multiple applications or systems with a single set of login credentials.
What is the difference between Remember Me (Stay logged in) and Single Sign On?
In some cases you may want to ask customers whether they would like to stay logged in. This is called "Remember Me".
You can define this per Application and thereby decide whether the User should stay logged in, which in turn enables Single Sign On. With this in mind, Single Sign On is only possible if the user confirms Remember Me or you decide to always allow it.
How to activate Single Sign On?
Single Sign On is activated by default, since it also improves security.
In the Application Settings, you will see the option remember_me_selected. It will behave as described below:
- The Remember Me option is returned by the public endpoint and can therefore be interpreted dynamically by the default hosted pages or by your custom-implemented UIs
- The Default Hosted Pages will behave as follows:
- Your Custom Implementation: When you send the rememberMe field in your request payload, cidaas will use this value. If it is not sent at all, cidaas checks the app configuration and uses that value by design.
How to force re-authentication after a particular time?
The Authz Endpoint is used to prompt the user for login or to perform a Single Sign On, e.g., when switching the application (portal). This also means you can influence the behavior through the parameters you pass in the authentication call. To make the user always re-authenticate, pass max_age=1 (in seconds) or prompt=login. With max_age, cidaas validates that the last authentication was performed less than 1 second (or your specific value) before the current time. If, for example, re-authentication should always take place after half an hour, set max_age to 1800 accordingly.
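The following is an added example, not code from cidaas: it builds an authorization request with max_age or prompt=login and then checks the auth_time claim of the returned ID token on the application side, which OpenID Connect recommends whenever max_age was requested, because the request travels through the browser. The endpoint URL, client values and function names are assumptions made for illustration.

```python
import time
from urllib.parse import urlencode

# Placeholder endpoint (assumption, not taken from the page).
AUTHZ_ENDPOINT = "https://idp.example.com/authorize"

def build_authz_url(client_id, redirect_uri, state, nonce,
                    max_age=None, force_login=False):
    """Build the authorization request; max_age is given in seconds."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": "openid",
        "state": state,
        "nonce": nonce,
    }
    if max_age is not None:
        if not isinstance(max_age, int) or max_age < 0:
            raise ValueError("max_age must be a non-negative integer")
        params["max_age"] = str(max_age)
    if force_login:
        params["prompt"] = "login"
    return AUTHZ_ENDPOINT + "?" + urlencode(params)

def auth_is_fresh(claims, max_age, now=None, skew=5):
    """Check auth_time of an already verified ID token against max_age.

    `claims` must come from a token whose signature, issuer, audience and
    nonce were validated first; this function only checks freshness.
    """
    now = int(time.time()) if now is None else now
    auth_time = claims.get("auth_time")
    # bool is a subclass of int, so reject it explicitly.
    if isinstance(auth_time, bool) or not isinstance(auth_time, int):
        return False  # missing or malformed claim: treat as stale
    if auth_time > now + skew:
        return False  # authentication time in the future: reject
    return now - auth_time <= max_age + skew

if __name__ == "__main__":
    # Constructed sample values, for demonstration only.
    print(build_authz_url("portal-app", "https://app.example.com/cb",
                          "state-123", "nonce-456", max_age=1800))
    stale = {"sub": "user-1", "auth_time": int(time.time()) - 3600}
    print("fresh enough:", auth_is_fresh(stale, 1800))
```

If auth_is_fresh returns False, the application should send the user back through the authorization request instead of accepting the session.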
Need Support?
Please contact us directly on our support page