Compact Identity: SSO and Password Management

Our Compact Identity’ solution boasts an unprecedented user-experience. All our UIs are smartphone-like as everyone these days find this more comfortable.
The solution offers SSO even to thick-client apps and automatically switches your browser to the preferred one set for the app. It even synchronizes app passwords that have their own user authentication store (like SAP).

image

Key Features


image


Smartphone Style User Experience

Compact Identity takes user experience to the next level. We have found that customers looking for a user-friendly way to access the SSO shortcuts.

To enhance user experience, we have introduced a launchpad. The launchpad is a standalone native application that can be used to Single Sign On to the onboarded applications and perform other user operations such as managing passwords, updating challenge response questions, requesting for new access and approving access requests.

Download Video

Federated SSO

If an app honours SAML 2.0 which is a federated protocol, it can be easily integrated with Compact Identity in a few clicks. Compact Identity supports both IdP (Identity Provider) initiated and SP (Service Provider) initiated SSO to the application.

IdP initiated SSO – Users clicks on the application icon on the launchpad or mobile app and the application launches without the need to enter any credentials

SP initiated SSO – Users enters the application URL in the browser and get logged in to the application without entering any credentials.


image


image


Credential Based SSO

An application can be integrated with Compact Identity even if it does not support a federated protocol. It can be integrated as a credentials based application in a matter of clicks. This can either be the Directory Server’s credentials (where the application authenticates with the Directory Server) or an Application specific credential.

SSO to Thick Client Applications

Thick Client applications are apps that need to be installed on user machines. To log on, the client’s applications are launched on the user’s machine. Then Credentials are then provided in the client applications to login to a remote server.

To be able to offer a true enterprise class SSO solution, organizations using Thick Client applications need to address the ability to use SSO to those Thick Client applications - an unserved need in the industry.


image

Compact Identity provides the unique feature of SSO to Thick Client applications. Besides allowing users to use SSO to browser based apps, Compact Identity also allows SSO to Thick Client apps such as SAP.

image

Browser Preference for SSO

The Browser Preference option allows users to associate their preferred browser with any SSO application. With Browser Preference, users have the choice to use SSO to their authorized business applications using their browser of choice or using the browser that works best for the application.

Mobile SSO to Web based Applications

The Compact Identity mobile app supports SSO both for federated and non-federated Web-based applications. User get to see all the onboarded web applications configured for mobile SSO after they logs in. On clicking on any of the apps, Compact Identity will directly SSO. Users does not have to re-enter the credentials for SSO applications if they have already been done once on the launchpad.

image


Self-Service Password Change

Compact Identity allows users to change their primary password to the solution directly from the launchpad or from the mobile app.

In case authentication is delegated to the Active Directory, changing the password in the solution results in changing the Active Directory Password.

Self-Service Password Reset and Account Unlock - launchpad and mobile

Compact Identity allows users to reset their forgotten passwords or unlock their locked accounts on their own by verifying themselves with alternate factors. Users can perform this action both from the launchpad and from the mobile app.

  1. Users access the Compact Identity Forgot Password/Account Unlock URL from their smartphones or an alternate desktop.
  2. Users authenticate their identity with any of the alternate factors such as CR Question, Email OTP, SMS OTP, etc.
  3. Users reset their password or unlock their account.
  4. All this is performed by users without helpdesk assistance.
image
image

Password Synchronization

Compact Identity achieves password change for the onboarded Apps using a feature called 'Password Synchronization'.

1. The user logs on to Compact Identity from the launchpad or mobile application.
2. The user updates the password in the Change Password section of the launchpad.
3. Compact Identity updates the new password in the Identity Store (Active Directory password in case of delegated authentication)
4. Compact Identity also updates the new password to all the connected target applications.
5. Now the user has the same password across all applications and needs to remember only one single password.

Top