SSO and Forced SSO
Forced SSO and Domain Restrictions are security features that ensure that only the right people have access to your Alyce dashboard.
What is single sign-on (SSO)?
Single sign-on is a technology that combines several different login screens into one. It's convenient for users and more secure for companies.
At Alyce, we allow our customers to login through SSO using MS Office, Google or Okta.
Forced SSO ensures that users use single sign on to log in, by restricting username and password access.
Instead of logging into Google, Evernote, Jira, and Alyce, wouldn’t it be nice to log into one application and then have access to your others?
That’s what single sign-on (SSO) allows users to do on many SaaS applications. It’s super convenient for users who no longer need to remember several credentials every time they need to log into an application.
It’s quick, convenient, and removes the likelihood of needing to recover passwords.
Forced SSO is also considered to be more secure. It’s much easier for IT teams to ensure better password policies (like periodic resets), enable multi factor authentication, and enforce password re-entry when a certain time passes.
Because of the single point credential management.
SSO vs Forced SSO
What is the difference?
With SSO we allow end users to choose between using a password and using Single Sign On. With Forced SSO, users are unable to use a password, they need to use SSO in order to access the app. SSO is shown on the top part of this login screen, where you can click to sign in with Google or MS Office.
The Okta SSO screen. To enable Okta SSO, please see the Okta Integration Guide
What are Domain Restrictions?
Domain restrictions is a security functionality that allows organizations to restrict access to their Alyce dashboard unless the user's email domain is approved.
It’s helpful in ensuring that no one outside of the organization is invited by team admins.
To learn how to set up Domain Restrictions, click here.
With Domain restrictions, people will not be able to log into the Alyce platform unless they have a domain that has been whitelisted.
This ensures that team admins will not send Alyce platform invitations and allow access to anyone outside of the organization.
- If there are several different users on several domains, each domain will need to be added to ensure everyone can access the dashboard.
- If using domain restrictions means 3rd party consultants will not be able to access the dashboard unless the domain has been approved.
This can be used in conjunction with Forced SSO so that someone needs to use SSO in order to access the dashboard, and can only access it if their email has an approved domain.