There has been significant progress made by cloud computing services such as SaaS, PaaS, and IaaS since the early 2000s. With progress, there came an unusual burden on IT management. People using cloud computing have to manage multiple usernames and passwords which lead to them forgetting the credentials in many cases. It has been observed that 20% of customer care queries are related to forgotten credentials.
Due to the numerous applications being produced every day, there is a significant loophole which needs to be addressed. The IT department often lacks access to information about which applications do most of the users prefer or the frequency of usage – which gives way to fraudulent activities such as phishing, hacking of databases etc. and mismanagement of the highest order.
Access control is one of the most influential factors in IT security but is also the most vulnerable. Central management of access control is important for scaling of cloud-based applications for prevention of excessive overhead costs, visible organization’s inefficiencies and identity breaches.
Identity breaches have become exceedingly rampant due to which SAML, Security Assertion Markup Language, was introduced in 2002. SAML is an open-standard based on XML for authentication and authorization between two parties, usually – identity provider and service provider. It is a product of the Organization for the Advancement of Structured Information Standards (OASIS) which allows users to access multiple applications using a single user-name and password combination. This is known as identity federation as it enables users to maintain one identity across various apps.
The most important implementation glitch that SAML undertakes is web browser single sign-on (SSO). QuestionPro now offers SAML based SSO which will enable users within an organization to access the QuestionPro survey software. The users aren’t expected to create and maintain separate accounts especially for QuestionPro.
Steps to set up SAML SSO for login authentication:
- Please go to My Account » Authentication and Logs to enable SAML authentication.
- Under Login Authentication, select SAML (Signed). There are three options available for configuring SSO:
- Metadata URL – The most straightforward approach to set up SSO is to enter a link to the identity provider metadata file (if they can provide this information). After entering and saving the link, QuestionPro will download the file, parse it and complete the configuration.
- Metadata File – In some cases, identity providers expect a service provider to download the metadata for configuration and not the URL. Service providers can choose the “Metadata File” option and enter the downloaded file before saving it. QuestionPro will analyze the data and critical information will be extracted without saving the metadata file. For any changes, the metadata file will have to be uploaded again and the entire will have to be repeated.
- Manual Settings – For manual configuration, information about two parameters should be provided:
- Entity ID / User
- X509 Certificate
- Metadata URL – The most straightforward approach to set up SSO is to enter a link to the identity provider metadata file (if they can provide this information). After entering and saving the link, QuestionPro will download the file, parse it and complete the configuration.
- For QuestionPro to identify and automatically provision access, the SAML identity provider must be configured to enter only one attribute: emailAddress.
Click here for more information and details about SAML2.0 integration.
