Tiled allows customers to configure multiple ways to login. This document provides a high-level overview of what Single Sign-On (SSO) is and what it means to a Tiled customer.
What is Authentication?
In today's security-conscious world Tiled keeps your information secure by requiring credentials to log on to Portions of the Tiled environment. This is accomplished through an "authentication" process.
Currently, Tiled supports two authentication methods:
- Tiled Local - Available by default for every account.
- Security Assertion Markup Language or SAML (SAML, pronounced SAM-el)
Customers tend to opt to use SAML in addition to local authentication, because it provides their users, a seamless way to authenticate into all of the organization's enterprise applications and the added benefit of 'just in time' user provisioning.
Organizations that provide numerous web services to their employees will often configure Single Sign-on (SSO) Providing their employees one username and password to authenticate to multiple services.
A good example of this is Google, when a user authenticates into Google, to check Gmail they are also granted access to Google Sheets, Google Docs and more. Think of it as a virtual ticket to your own work theme park, one entry grants you access to all the rides.
With the use of SSO on your Tiled account it allows your users to quickly and seamlessly jump from application to application without the need of multiple sign-ins. The organization is also granted enhanced automated security as when access is recovered by the identity provider, users will no longer have access to the application.
With SSO configured for Tiled additional functionality allows for an automated user provisioning process called 'just in time' provisioning. Meaning, when a user logs in via SAML the authentication service will tell Tiled which user is logging in by; passing a unique identifier. With this option configured any new user attempting to access Tiled will have a new account provisioned for them. This process requires that the resource be available to the user, in other words, the user will need to be granted access to the application inside of the authentication provider. In addition to provisioning, the user's unique identifier Tiled can consume the user's full name if it is provided by the authentication service.
How do I set up this service?
Tiled authentication uses industry best practices and is secure. If your organization has an authentication service they would like to configure with Tiled, Choose to the appropriate guide from the options below.
- Configure Okta with Tiled
- Configure Google with Tiled
- Configure Google SAML with Tiled
- Configure Azure with Tiled