Single Sign-On (SSO) is a method with which users are given access one time to the systems they need.
SSO and 2FA
One-time access must be safe, of course. To login to KeyHub, Two-Factor Authentication (2FA) is always required, that is why every linked application is also protected with 2FA. This is how 2FA forms an extra layer of security in your landscape.
The second authentication is carried out with the help of the user-friendly KeyHub app or authentication apps of Google or Microsoft. This manner of authentication is in line with the well-known security guidelines ISO 27001, NEN 7510, SOC 2 and the GDPR.
Group access with SSO
Within Topicus KeyHub, the rights of employees depends on the group they belong to. By logging in, an employee has access to Topicus KeyHub. The groups to which the employee belongs provide authorisations and thereby Single Sign-on access to applications. It is automatically recorded which employee requests access to which application and when. This information is collected in the Audit trail and clearly presented on the Auditor Dashboard.
Security with SAML and OIDC
Several protocols are implemented to ensure the security of Single Sign-On. Security Assertion Markup Language (SAML) and OpenID Connect (OIDC) are the most frequently used protocols for Single Sign-On. KeyHub supports both of these protocols.
Automatic login with SSO
Having to login several times a day can be disruptive for employees. With Single Sign-On login, employees only need to login once to Topicus KeyHub. This gives users access to the applications they need for their work.