Skip to main content

Integrating Single Sign-On with your Zapnito community

Jon Beer
  • Updated

If you’d like your users to be able to access your Zapnito site with the same credentials that they use for another of your websites, then you may need us to set up Single Sign-On for your site. Here’s what it’s all about.

Single Sign-On typically allows your users to:

  1. Register and sign in to your Zapnito site using a username and password already used on your organisation’s other systems.
  2. It may also allow them to be signed in to your Zapnito site automatically if they are already signed in elsewhere.

This has benefits such as:

  • Your users only need to remember one set of credentials;
  • If you have one, you can use a central identity management system to grant or deny access to your Zapnito site;
  • Depending on your systems, you may have full control over the password complexity and password expiry rules.

SSO can be implemented in various different forms and guises depending on your requirements and the systems you already have in place. SSO is currently a service Zapnito offers at a fixed fee.

Some considerations when you are thinking of implementing SSO

Which Open Standard are you going to be using? Some examples include;

  • SAML
  • OAuth
  • Token-based

Which Identity Provider do you prefer to use (if any)? E.g;

  • Okta
  • Auth0
  • OneLogin
  • Microsoft ActiveDirectory
  • Salesforce Identity
  • Zapnito (we can also act as the Identity Provider if desired)

Is SSO to be used exclusively or are you planning to have a hybrid approach (i.e. also allow Zapnito's native authentication)?

Is Single Logout (SLO) required?

Important caveats to remember with SSO

Once SSO is enabled, some core features of Zapnito user journey's are not available. For instance;

  • User invitation flows are disabled
  • User registration flows are disabled
  • Password resets are disabled

Single Logout (SLO)

We have also now made it possible to implement SLO on your Zapnito community. We can support SLO if you are able to provide an endpoint URL that accepts a GET request, that can be used to destroy the current browser session on the identity provider.

Please contact us at support@zapnito.com to discuss your requirements.

Related articles

Comments

0 comments

Please sign in to leave a comment.