EuroSSO is a solution that makes possible to secure multiple applications using the Single Sign-On function and identity management. It is one of the components of the EuroAP application server and is based on the KeyCloak project.
Single Sign-On is a session and user authentication service. Allows access to all resources associated with a network service (e.g. multiple applications) after single sign-on to it using a single set of login credentials. This also applies to logging out - it is enough to log out once from one application to actually log out of all applications configured with EuroSSO.
Single sign-on also works for workstations. If users authenticate using Kerberos protocol (LDAP or Active Directory), they can automatically authenticate to EuroSSO without having to re-enter their user name and password when they log on to the workstation.
SSO is used to facilitate the management of usernames and passwords. It significantly reduces user registration and sign-in times for individual apps, which saves resources. The EuroSSO module therefore increases the efficiency of the EuroAP application server by facilitating access to the applications and services installed on it. Single sign-on in EuroSSO is based on popular standards: SAML 2.0, OpenID Connect and OAuth 2.0. EuroSSO can operate within an organization, in directory services, or as an external identity provider.
Installation of EuroSSO is analogous to the installation of EuroAP. The only additional element is the need to connect a production data source to EuroSSO. The implementation is therefore simple and takes no more than a dozen minutes. The EuroSSO module is available at no extra cost as part of a EuroAP subscription.
Advantages of EuroSSO
- minimizes the number of usernames and passwords to be remembered for each application
- enables forcing the 2FA function (Two-Factor Authentication)
- streamlines the process of logging in and using the application
- reduces the risk of phishing
- reduces the number of user-reported sign-in issues.
Runs as a stand-alone identity provider based on SAML or OpenID Connect.
It has a certificate of compliance with LDAP and Microsoft Active Directory servers which are sources of information about users.
Integrates with third-party identity providers, including leading social networks.
REST API and Administrative Graphical User Interface
Allows you to configure user federation, role mapping, and client applications with easy-to-use administrative GUI and REST APIs.
EuroSSO Graphical Administration Console
EuroSSO has been equipped with an intuitive administration console enabling central management of all its functionalities. It makes it possible to easily define detailed authorization rules and manage users, including authorizations and sessions. Enable, disable, and manage individual features, configure services, create and manage applications and services.
Account Management Console
EuroSSO also has a clear console that facilitates the management of settings on the user's account. It allows you to quickly update your profile, change your password, and set up multi-factor authentication. You can also manage sessions and view your account history.
EuroSSO supports connections to LDAP or Active Directory servers as standard. It is also possible to implement your own provider.
EuroSSO comes with its custom adapters for quick integration with popular platforms, e.g. EuroAP, JBoss®, Fuse®, or Node.js®.