In this update, we have introduced support for single sign-on. Single sign-on is a mechanism that allows you to authenticate users in your systems and subsequently tell InfoNeedle that the user has been authenticated. The user is then allowed to access InfoNeedle without being prompted to enter separate login credentials.
At the core of single sign-on is a security mechanism that allows InfoNeedle to trust the login requests it gets from your systems. InfoNeedle only grants access to the users that have been authenticated by you. InfoNeedle SSO relies on a technology called JSON Web Token (JWT) for securing the exchange of user authentication data.
Here are the steps of the single signon authentication process:
As you can see, this process relies on browser redirects and passing signed messages using JWT. The redirects happen entirely in the browser and there is no direct connection between InfoNeedle and your systems, so you can keep your authentication scripts safely behind your
corporate firewall.
If you'd like to learn more about InfoNeedle Single Sign-on suport, send an email to [email protected], requesting a copy of our SSO API documentation.
We are hard at work listening to your feedback and making improvements. We want to hear from you. Let us know what you like, what you don’t, and features you’d like to see in the product.
Thanks for your continued support.
The InfoNeedle Team