Single sign-on (SSO) is an authentication scheme that allows a Losant user to log in to the Losant Platform using a identity provider like Azure Active Directory. SSO enables Losant Enterprise customers to seamlessly onboard new Losant users by leveraging existing authentication systems.
The SSO discussed in this document is specific to the Losant Platform, not Experiences created with Losant. However, SSO can be built into an Experience, which is discussed below. To enable SSO for your Organization, contact us.
When logging into Losant, you must provide an email address. If the given email address has SSO configured, Losant will reach out to your authentication service to validate and properly authenticate the user into Losant.
Losant supports Security Assertion Markup Language (SAML) identity providers. SAML is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. If your identity provider supports SAML, then it can be configured with Losant’s SSO capabilities.
Since Experiences allow you to develop and publish completely custom APIs and user interfaces with built-in user management and authentication, each Experience has its own set of Users, Groups, and Domains. The SSO of Experience Users must be handled using one or more Experience Workflows. To enable SSO integration with experiences, the following Workflow Nodes are available: