Before getting started
Single Sign-On (SSO) means users only have to authenticate themselves one time, regardless of how many applications require authentication.
From a technical perspective, SSO allows two establishments to contact one another: the solutions (service provider) and an identity provider (often a directory).
Benefits
- User-friendly: only one password to remember and transparent data access (no obligation to re-enter a new login/password combination)
- Secure: simplify implementation of the company’s security policy (sign-in restriction, password control, etc.)
Protocols supported
Lucca supports the following protocols:
- SAML 2.0 (ADFS, Okta, Azure AD, Google Identity Platform etc.)
- OAuth 2.0 (for Google Identity Platform and Azure AD only)
- CAS (Central Authentication Service)
You can choose and manage your protocol and identity provider independently.
Technical documentation
Below, you will find technical documents allowing you to set up SSO with Lucca depending on your application environment:
- SSO Google (OAuth 2.0)
- SSO Google (SAML 2)
- SSO Microsoft ADFS - Active Directory Federation Services (SAML 2)
- SSO Azure Active Directory (OAuth 2.0)
- SSO Azure Active Directory (SAML 2.0)
- SSO Okta (SAML 2)
- SSO protocol SAML 2.0
- SSO Protocol CAS
Important: Lucca does not allow you to synchronize user data via SSO. You can do this using a .CSV file uploaded to an FTP server (some "Directory & SSO" integrations also allow this).