How do you define SSO?

Kara
Kara Vanilla Ice Cream

Hello community managers! My company (small SaaS) does not yet have any sort of single sign-on process, meaning none of our systems - both internally and externally facing - are integrated. It's long overdue and something we're venturing into next year.

I've always had/worked with SSO in past jobs and am very familiar with it, but am realizing my current company has a different idea of what SSO means and how it should work. So in an effort to get some different perspectives, I'm wondering...

  • How does your company define SSO?
  • What is its end goal? (i.e. improving customer experience, less manual labor, accessing more analytics, etc.)
  • What teams were involved in its development/maintenance?
  • Is your SSO primarily for internal staff, external customers/users, or both?
  • Pros/Cons of SSO for your community?

Thanks for your thoughts!

Kara

Comments

  • Adrian
    Adrian HLV Staff Alumni

    Hey @Kara - great questions. Let me share some of my thoughts if that's okay

    • How does your company define SSO? Most companies define it as the single source of logging in - as they don't want people to be confused by multiple sign-ins.
    • What is its end goal? (i.e. improving customer experience, less manual labor, accessing more analytics, etc.) The goal is a bunch of things, mostly to reduce friction for the customers so they can just come in and start the conversation. This is the benefit for the customer. For the company it reduces the confusion, tickets to support because people can't figure out how to login who won't bother and potentially it should give your company a better overall profile of the customer.
    • What teams were involved in its development/maintenance? Usually it's an IT resource, but the setup should not take months - usually it's less than a day, but maybe with your numerous systems may take longer - but we are talking maybe a week (or less).
    • Is your SSO primarily for internal staff, external customers/users, or both? This is a great question. I have seen both done. The benefit of staff being included, us not having to worry if they leave the company to remove their access. That is also the benefit of automating for customers. Generally most companies do both if there are accounts of access for customers in other areas.
    • Pros/Cons of SSO for your community? The only Con I have seen is it take IT time to make it happen. The pros are endless as I have noted some of them above, from experience, analytics and also controlling access.

    Hope my answers helped :)

  • Rav Singh
    Rav Singh Vanilla Sundae

    How does your company define SSO?

    SSO has become a pretty central element for us at an internal level over the last little while. We've been moving toward using our Microsoft Azure AD/Office365 logins for as many platforms as possible.


    What is its end goal? (i.e. improving customer experience, less manual labor, accessing more analytics, etc.)

    Security and potentially to a lesser extent, convenience.


    What teams were involved in its development/maintenance?

    Our IT team primarily was involved in getting our existing AD lined up and talking to Vanilla. We also needed our internal designer to create the graphical elements required on the site to establish the login path for staff that is separate from our regular members.


    Is your SSO primarily for internal staff, external customers/users, or both?

    Internal staff only.


    Pros/Cons of SSO for your community?

    From our Community perspective, having the option for internal staff to login with SSO was a mandatory requirement when we made the transition last year. We've created a specific SSO login path for internal staff (only) to use when accessing their community accounts. A benefit of this is that it automatically assigns a 'Staff' role to that user upon doing so although I don't believe that is triggered by the SSO config itself but rather Vanilla's email domain assignment available in roles.


    Because of the time pressure associated with our transition along with complications with it on our previous platform, we opted against offering social SSO login options eg. Facebook, Twitter etc to our regular community members.