Single sign-on (SSO) allows you to authenticate users in your systems and then tell MRI OnLocation that the user has been authenticated. The user can then access OnLocation without being prompted to enter separate login credentials.
When using SSO the authentication process is handled outside of the OnLocation application. You verify the identity of the user and then let our application know.
OnLocation supports two methods of SSO:
- Secure Assertion Mark-up Language (SAML) 2.0 – this allows you to provide SSO to OnLocation using enterprise identity providers such as Active Directory and LDAP, or choose a 3rd party SAML service such as Okta, OneLogin, and PingIdentity.
- A JSON web token is forwarded by your system to securely identify the user.