start portlet menu bar

HCLSoftware: Fueling the Digital+ Economy

Display portlet menu
end portlet menu bar
Close
Select Page

Tired of entering your password? I know I am. If I didn’t have to type in my password 20 times every day, I would have finished fixing all the defects in Compass. Ok, that’s hyperbole, but it really is a pain, isn’t it? Wouldn’t it be great if you could log in once to access all your applications? The good old people writing security standards have been nice enough to give us a solution. It is called “single sign on”. With more and more DevOps products integrating with each other it is becoming even more important to have a centralized identity management solution where you can sign in once, and access multiple applications. 

connect to compass

Single sign-on (SSO) prevents the need to sign on to multiple applications separately. Rather than having to sign on for each application, the user signs in once at an identity provider (IP) and this provides tokens to provide to other web applications and services. A token is like an ID card. You show it wherever you go, and it is trusted in many places. If the ID card is trusted, you can do things such as rent a car, walk into a secure building, fly on a plane, and so forth. The same goes for SSO tokens. For any application that is set up to trust the token, it will allow you to log in to that application as the authenticated user. SSO makes it easier and more secure to use different applications, because you only need to log in once and you only do so on the trusted login site. 
 
Authentication and authorization are separate in SSO. The first time a user connects to one of the applications, the user must authenticate by logging in. While the token is valid (usually in 24 to 48 hours), the user does not need to authenticate again. Instead the previously obtained token is used to authorize access to the application.

CHOOSING AN IDENTITY PROVIDER 
There are several SSO standards available. Compass supports the following: 

Of these, OIDC and SAML2 have a user experience that is more friendly, consistent and configurable than LTPA2. These two provides automatic browser redirects to the identity provider login site. So, when the use tries to access a site and needs authentication, they will be taken to this login site. The login site is usually customizable, which allows the enterprise to provide a consistent login page that provides information about your enterprise and what applications might be available to the user. 
 
So, what single sign on provider does your company use? Will it work with Compass? I’d love to hear if you think Compass needs to support additional SSO features or technologies. 

Comment wrap

Start a Conversation with Us

We’re here to help you find the right solutions and support you in achieving your business goals.

Secure DevOps | August 30, 2022
HCL Compass - Configuring secure connection on Compass Web with SSL communication
Compass Secure Web Client enables you to access your applications and data from any remote location without compromising the security of your data.
Secure DevOps | May 25, 2022
SETUP HCL COMPASS SEARCH FOR REST API SERVER
A step-by-step guide to install HCL Compass on your system with valid login credentials login into the repository.
Secure DevOps | May 19, 2022
INSTALL HCL COMPASS WITH REST-SERVER (TRIAL VERSION)
Learn with a step-by-step guide for installing and setting up HCL compass with REST - server (trial version).