Introducing Single Sign-On to SecurityTrails: Secure Authentication with Okta SSO

SecurityTrails Blog - A podcast by SecurityTrails


We are excited to announce that we are beginning the implementation of single sign-on (SSO) access across SecurityTrails. Okta SSO is the first provider we're bringing on in this effort to deliver secure authentication and a better user experience to our users.

SSO and its security benefits

Single sign-on (SSO) is an authentication service offered by various providers that allows one set of credentials, usually a username and password, to be used to access multiple applications securely. With the emergence of cloud computing and the accelerated use of software-as-a-service (SaaS), organizations are adopting the centralized authentication of SSO as an efficient way to provide risk-free access to multiple resources.

Some of the main security benefits organizations have reported with the implementation of SSO are:

- Decrease in likelihood of password theft: Surely one of the best security practices is to have a strong and unique password for each account/app, but that can be hard to enforce at an organizational level. With SSO, users only need one strong passphrase, meaning they're more likely to remember it and less likely to store it carelessly.
- Prevention of shadow IT: Shadow IT is becoming more prevalent in cloud-centric environments. SSO allows for monitoring which apps are used by and permitted for users, thus preventing further shadow IT.
- Help with regulatory compliance: Common regulations such as HIPAA require effective authentication of users as well as automatic logoff for all accessed resources, which SSO effectively enables.

Our choice: Okta SSO

Okta was our first choice, as it's one of the best SSO providers available for enterprise users. Known for its numerous integrations, Okta SSO provides different directory types and powerful, essential features that allow for easy implementation and a user-friendly interface.

Okta is standards-compliant with the OAuth 2.0 protocol, which controls authorization of access to sensitive resources, and is a certified OpenID Connect provider; OpenID Connect is a protocol built on OAuth 2.0 that provides user authentication and SSO functionality.

How to enable SSO in SecurityTrails

To enable SSO authentication in your account, simply contact us requesting to change your default authentication scheme (please note that, as a requirement, you'll need to have previously set up an application inside your Okta organization and provide its client_id along with your designated Okta login domain name). For a detailed procedure on how to set it up, please check our SSO documentation.

After SSO is enabled on your account, you'll receive an email containing an invite link to begin the authentication process. The link in the email will redirect you to a confirmation page to continue. After confirmation, you'll be presented with a login prompt, where you'll need to sign in with your SSO credentials to be authenticated. Once you enter your credentials, user authentication takes place against the chosen SSO provider (currently Okta SSO).

You're all set! For future SSO authentication you can validate your account by using a login link that's unique to your organization, which will be in the following format:

This is just the start

Implementing Okta is merely the first step in enabling SSO across SecurityTrails and providing centralized authentication to our users. More authentication protocols will be rolled out in the future. Stay tuned!
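The post describes an OpenID Connect login against an Okta organization: the application is registered in Okta, SecurityTrails holds its client_id and the Okta login domain, the user is redirected to a login prompt, and the provider returns proof of who signed in. The example below is added here and is not SecurityTrails' or Okta's code; it shows the relying-party side of that exchange in Python, using only the standard library: a PKCE pair, the authorization request, and the ID token claim checks (issuer, audience, expiry, nonce) that OpenID Connect requires a relying party to perform before trusting the result. The domain, client_id, redirect URI and token contents are constructed placeholders, and the /oauth2/v1/authorize path is assumed to be the Okta org authorization server endpoint; signature verification against the provider's published keys is a separate step not shown.

```python
import base64
import hashlib
import json
import secrets
import time
from urllib.parse import urlencode

# Constructed placeholder values: replace with the Okta login domain and the
# client_id of the application registered in your Okta organization.
OKTA_DOMAIN = "example.okta.com"
CLIENT_ID = "0oaEXAMPLECLIENTID"
REDIRECT_URI = "https://app.example.com/sso/callback"


def make_pkce_pair():
    """Return (code_verifier, code_challenge) per RFC 7636, S256 method."""
    verifier = secrets.token_urlsafe(64)
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    return verifier, challenge


def build_authorization_url(state, nonce, code_challenge):
    """Build the Authorization Code request that sends the user to the Okta login prompt.
    /oauth2/v1/authorize is assumed here to be the org authorization server endpoint."""
    params = {
        "client_id": CLIENT_ID,
        "response_type": "code",
        "scope": "openid profile email",
        "redirect_uri": REDIRECT_URI,
        "state": state,              # bound to the browser session, checked on callback
        "nonce": nonce,              # must come back inside the ID token
        "code_challenge": code_challenge,
        "code_challenge_method": "S256",
    }
    return f"https://{OKTA_DOMAIN}/oauth2/v1/authorize?" + urlencode(params)


def _b64url_decode(segment):
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment)


def validate_id_token_claims(id_token, expected_nonce, now=None):
    """Check the claims a relying party must verify (OpenID Connect Core 3.1.3.7):
    issuer, audience, expiry and nonce. Returns (ok, subject_or_reason)."""
    now = time.time() if now is None else now
    try:
        _, payload_b64, _ = id_token.split(".")
        claims = json.loads(_b64url_decode(payload_b64))
    except (ValueError, json.JSONDecodeError):
        return False, "malformed token"
    if claims.get("iss") != f"https://{OKTA_DOMAIN}":
        return False, "issuer mismatch"
    aud = claims.get("aud")
    if aud != CLIENT_ID and not (isinstance(aud, list) and CLIENT_ID in aud):
        return False, "audience mismatch"   # token was issued to another app
    if claims.get("exp", 0) <= now:
        return False, "token expired"
    if claims.get("nonce") != expected_nonce:
        return False, "nonce mismatch"      # replayed or cross-session token
    return True, claims.get("sub")


def _constructed_id_token(claims):
    """Build a JWT-shaped string from constructed claims for the claim-check demo only;
    a real ID token is signed by Okta and its signature must be verified first."""
    header = base64.urlsafe_b64encode(b'{"alg":"RS256","kid":"demo"}').rstrip(b"=").decode()
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).rstrip(b"=").decode()
    return f"{header}.{body}.signature-placeholder"


def demo():
    """Run the relying-party checks against a good token and two rejected ones."""
    state, nonce = secrets.token_urlsafe(16), secrets.token_urlsafe(16)
    _verifier, challenge = make_pkce_pair()
    url = build_authorization_url(state, nonce, challenge)
    now = 1_700_000_000  # fixed clock so the constructed tokens are deterministic
    base = {"iss": f"https://{OKTA_DOMAIN}", "exp": now + 300,
            "nonce": nonce, "sub": "user@example.com"}
    good = _constructed_id_token({**base, "aud": CLIENT_ID})
    wrong_aud = _constructed_id_token({**base, "aud": "other-app"})
    return {
        "url_has_state": f"state={state}" in url,
        "good": validate_id_token_claims(good, nonce, now=now),
        "wrong_aud": validate_id_token_claims(wrong_aud, nonce, now=now),
        "replayed_nonce": validate_id_token_claims(good, "other-nonce", now=now),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The audience and nonce checks are the ones most often skipped in hand-rolled integrations: without them, an ID token issued to a different Okta application, or one captured from another session, would be accepted as a valid login.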