It has been almost 3 years since we started providing our services and from the early days we had a growing number of Subscribers requesting more than one instance. Obviously, we were and continue to be happy to see this trend, but in practice this means that everyone using the instances we manage needs to have different log-in details for each platform. This approach starts becoming unproductive if you take into consideration that (a) you need a different password for every platform for security reasons and (b) user management for admins is annoying, to say at least. Imagine a scenario when you are the manager of an organization that is a Cloud68.co Subscriber of more than three instances. In this scenario, you might need to do the following tasks from time to time:
- add new people to your infrastructure;
- remove access for colleagues who are leaving the team (interns and freelancers are good examples here);
- impose (and manage) two factor authentication logins. This means more work for managing infrastructure, even if our friendly support team can help you every time you open a support ticket and less focus on your main tasks. Time-consuming right?
The solution? SSO
Single sign-on (SSO) is an authentication scheme that allows a user to log-in with a single ID to any of several related, yet independent, software platforms. From an operational perspective you and your team can have one login page to access your Nextcloud, WordPress, Mattermost, BigBlueButton and Discourse instances. A proper single sign-on solution allows you to log in once and access services without re-entering authentication factors. With two factor authentication on top of this scheme the process of accessing your instances is not only easier, but also more secure.
Announcing our SSO solution for our Subscribers
As more Subscribers are using our managed service for a variety of open source platforms, we decided to officially provide a solid SSO solution. If your organization requests three or more instances, you will be provided with Keycloak, an open source software solution, to allow single sign-on access to your instances with Identity and Access Management. Keycloak is under the stewardship of Red Hat, one of the biggest providers of open source software, who use it as the upstream project for some of their services.
Keycloak has tons of features to make it easy for you to manage authentication to your team members, but here are the main ones:
- User registration;
- Single sign-on/sign-off across all applications belonging to the same realm;
- LDAP integration;
- Social login and more.
What do you think? Interested in having a demo? Schedule a call with one of our team members for a quick demo and to answer your questions.