Why are many businesses still not using a password manager?

Why are we still talking about passwords? We already have single sign-on (SSO), and passwordless is the new buzzword everyone is talking about, but when you put yourself in the shoes of someone who is responsible for the overall security of an organiza…

Shadow IT is a top concern related to SaaS adoption

Torii announced a report revealing that 69% of tech executives believe shadow IT is a top concern related to SaaS – or cloud application – adoption. The majority of respondents have made exceptions to their SaaS security protocols, with 80% doing so be…

How does the SAML based SSO differ for Internal (employees) and External users (external resources)?

We are trying to set up (I am not part of the setting up process) an SSO based login for an ITSM application. Our organisation has some users working for us although they use their own organisation email address to log in. We use OKTA as ou…

Does splitting auth SSO and MFA parts, between client and service companies have any issues?

My company provides a single SaaS product for corporate clients.
For one client we are implementing SSO with them as authentication provider (via Azure AD/SAML for now, but the library we are using is extensible).
The same client has asked…

Adding SSO to an existing website – should SSO login link to matching email address?

I am adding Single Sign-On (SSO) via Google and Microsoft identity providers to a web application where many thousands of user accounts already have existing credentials stored by username and password. Each account also has a primary emai…

Instead of 301 redirecting can I generate unique login endpoint in order to utilize an Http POST request during SAML Auth?

Whilst I was looking for SAML authentication workflows I stumbled upon this link.
But instead of 301 redirect (or any kind of http redirect), I thought that once the app finds out that SAML authentication is required to contact into iDP…

Posted in SSO