Single Sign-On (SSO) means users only have to authenticate themselves one time, regardless of how many applications require authentication.
From a technical perspective, SSO allows two entities to contact one another: the solutions (service provider) and an identity provider (often a directory).
You need an estimate from our sales department to set up SSO (firstname.lastname@example.org).
- User-friendly: only one password to remember and transparent data access (no obligation to re-enter a new login/password combination)
- Secure: simplify implementation of the company’s security policy (sign-in restriction, password control, etc.)
Lucca supports the following protocols:
- SAML 2.0 (ADFS, Okta, Azure AD, Google Identity Platform, etc.)
- OAuth 2.0 (for Google Identity Platform and Azure AD only)
NB : Lucca does not support the LDAP protocol, mainly because it implies a too large openings in right on the customer IT side. Most customers now prefer SAML or OAuth protocols, making LDAP a rarely asked protocol.
Below, you will find technical documents allowing you to set up SSO with Lucca depending on your application environment:
- Microsoft ADFS SSO - Active Directory Federation Services
- Azure Active Directory SSO (OAuth 2.0 Protocol)
- Azure Active Directory SSO (SAML 2.0 Protocol)
- SAML 2.0 Protocol SSO
- Google SSO
- CAS Protocol SSO
Can I allow my users to choose their sign-in method?
Actually, you have the option to enable or disable different authentication methods. For example, you can disable login/password sign-in if you want to make SSO mandatory. From the lucca.fr website, you can also disable magic link sign-in.
Can I set up SSO for mobile apps?
No, SSO will only allow you to log in to your Lucca instance from a web browser. For mobile apps, the only options are magic link, login/password and mobile connection code.
Can I set up different SSOs to access my Lucca instance?
Of course. You can set up several SSOs to access your instance. Users will have to choose the one they want to use on the sign-in page.