Single Sign-On Overview

Related Tags: integration sso

With the Single Sign-on (SSO) feature, you don’t need to maintain yet another password for accessing the GoodData platform. You can use your existing infrastructure for user management. You can also connect using the GoodData APIs to allow your users to log in to GoodData seamlessly.

The key point in understanding the SSO mechanism is that SSO resolves the login and redirect inside the GoodData platform. Other tasks such as user management within a single project are maintained by the classic user provisioning features.

SSO is a key component for embedding dashboards into your web applications. If you have defined an iframe to embed a dashboard, you should enable SSO so that the dashboard users do not get errors when trying to access the dashboard. The following picture shows the process:

SSO visualization
SSO visualization

When a user logs out, they are redirected to a special SSO logout page. Any white-labeling applied to the GoodData project is also applied to the SSO logout page.

If SSO login fails, the user is redirected to a special error page.

SSO Provider

An SSO provider is a unique string used to identify the exact key / certificate on the GoodData side. A user account with the SSO provider can access a GoodData project without using a password. The user can use predefined SSO providers, such as Salesforce. The SSO Provider parameter is used in the user provisioning API.

Supported SSO Types

GoodData supports the following types of SSO authentication: