Let's rewind back to a time in history when an endless stream of passwords was our only gateway to the world wide web. Non-Gen Z readers may remember this bygone era — when password resets, account lockouts, and handwritten password reminders on Post-It notes reigned supreme.
This chaotic period in human history was marked by weak passwords, frequent logins, and password fatigue. But perhaps more consequentially, it was a time of great internet security risk.
Then, Security Assertion Markup Language (SAML) Single Sign-On (SSO) solutions stepped onto the scene. And that’s why we’re here today — to announce the launch of SAML SSO for Assembled.
But first, let us take you on a mildly educational, mostly entertaining, not-entirely-historically-accurate journey to the center of the user authentication universe. Read on, because this launch is oh SSO good 😏.
First came the internet, and then came the hackers.
They targeted our emails, bank accounts, and most egregiously, our MySpace profiles.
We tried to outsmart them by using our pets’ names, middle names, and birthdays — but they figured us out.
We started capitalizing one letter. Somehow, they cracked that code too.
We even resorted to adding special characters. And yet, we were sitting ducks.
Then the password auto-generators appeared. They were meant to churn out an indecipherable mashup of letters, numbers, and characters, and we thought we'd finally come out victorious.
But the hackers were too good and the attacks carried on. Security admins everywhere dreamed of the day they’d be less dependent on this unsuccessful way of password-heavy life.
A new dawn of online security
Enter the era of SSO. Some call it the answer we’d all been waiting for. Most just call it table-stakes enterprise software security.
SSO brought with it a promise to upend the password-dependent generation that came before it. Using SSO, a world of endless possibilities opens up with just one set of credentials. And by endless, we mean a limited set of applications chosen by your admins (we don’t make the rules).
The concept was simple: log into one tool for instant access to other tools — like having one key that opens many doors.
This meant no more password creation for the sites and apps you use every day. It also reduced all the manual steps to provision or de-provision licenses, making onboarding and offboarding employees a breeze.
Life was good. The people were happy. And SSO continued to expand.
A tale of two SSO options
The world is full of SSO possibilities, but for the purpose of this blog, we’ll focus on SAML and OpenID Connect (OIDC).
SAML (Security Assertion Markup Language) is the gold standard for enterprise companies, exchanging authentication and authorization data between an identity provider and a service provider. It’s one you’ll commonly see at companies that have a more complex or traditional tech stack, including desktop or on-premises software. This is what we’re releasing today!
OIDC (OpenID Connect) is a more modern protocol that redirects users through an authorization server, then redirects them back to the app with a token confirming their identity. OIDC is best suited for companies that have a more flexible tech stack typically relying on web and mobile applications. Shameless plug for our existing OIDC SSO options via Okta and Google.
Despite their differences, both are super secure for organizations of any size, and we love them equally.
A closer look at SAML SSO
Do you love digging into the technical fine print? You’re in luck, you little nerds.
How does SAML SSO work?
In a SAML SSO setup, the identity provider plays the role of verifying the user's identity and sends an assertion to the service provider, in this case, Assembled. The service provider uses this assertion to grant access to the application without requiring a separate login.
What are the technical benefits of SAML SSO?
SAML SSO offers centralized authentication, which means users only need to remember one set of credentials. It also securely transmits authentication information, ensuring that your login data is safe from prying eyes. SAML SSO can significantly reduce the risk of phishing attacks, as there are fewer opportunities for attackers to trick users into providing their credentials.
Who should use SAML SSO?
SAML SSO is particularly beneficial for companies with remote workers, offering a simplified login process without compromising on security. It’s also ideal for businesses with numerous third-party applications, allowing for streamlined access and user management.
Security-conscious Assembled users, rejoice!
Now that our little history lesson has come to an end, let’s get back to why we’re here. We’ve partnered with a few of our customers to bring their most essential security features to life, and we’re so excited to officially launch SAML SSO for all Assembled users to enjoy.
With Assembled as your service provider, in just a few steps, we’ll work with your identity provider to set up a seamless login integration.