With a Single Sign On, you can easily use data from the Active Directory for authentication and authorisation. Besides logging in with your organisation's login credentials, you can extend the use of the Single Sign On.
What is possible with a Single Sign On (SSO)?
1. Logging in with organizational credentials
Users can log in using the login credentials of their organization. See Easy login with Single Sign On.
2. Sending profile data
Profile data can be sent along with the authentication process. Fields from the Active Directory can be mapped to profile fields in Plek so that changes are automatically updated upon the next login. For example, the 'Job Title' profile field can be automatically filled in during login, eliminating the need for users to do it manually.
Data is synchronised only if the correct fields from Active Directory are linked to Plek and the user logs in. Single Sign-On does not synchronise user data automatically on a daily basis. If this is desired, check out our pages on User Provisioning.
3. Automatically adding users to groups based on profile fields: Users can be automatically added to a group based on profile field values. This happens after their first successful login. For instance:
- Users with Job Title X can be automatically added to Group Y.
- Users with Job Title A or B can be automatically added to Group C.
Group mapping is only possible based on a profile field, and the correct profile field in Plek must be linked to the correct attribute in the Active Directory.Users are not removed from groups when the value of a field changes. The group mapping via Single Sign-On only adds users. For example, if a user's job title changes from X to A, the user is added to Group C but not removed from Group Y.
Single Sign On is an additional integration in Plek. For more information about setting up a Single Sign On for your organisaion, please visit our pricing plan for your subscription, contant your account manager or send an e-mail to support@plek.co