Jump to content

SSO & Differential Site Authentication


David G
 Share

Recommended Posts

We've successfully implemented SSO for our instance but unless we're missing something it is either on or off for all sites - live, admin, service & customer.

Our 250+ customers will only ever access Service Manager (via service.hornbill.com) from within our corporate network so single sign-on using ADFS is ideal and this works as expected. 

However, our analysts will access the live site from anywhere, both inside and outside the network. What we'd ideally like to do is enable SSO for service.hornbill.com but use password authentication for live.hornbill.com.  Although we can create separate SSO profiles for each site, SSO seems to be either completely on for all or off for all.  We found an single historical forum post suggesting this is true but is this interpretation correct? 

If so, is there anything in the change pipeline to allow differential site authentication?

Link to comment
Share on other sites

Hi David,

Currently that is correct is has been raised by one or two customers previously, their are currently no formal plans to introduce this segregation of SSO between our Application (Live, Admin, Service & Customer), i will raise this again with out development team and see what there thoughts are on this.

There is a Realm setting against an SSO provide User | Guest this differentiates between the Customer Portal and Live, Admin & Service which is currently the only separation. 

Kind Regards

Trevor Killick

Link to comment
Share on other sites

Okay, thanks for the response, Trevor.  This really would be something we'd be very eager to have as with SSO turned on, you effectively limit a cloud solution to only be accessible from your corporate network.  With SSO turned off, you're effectively discouraging your customer base from actively using the portal by complicating the login process with an additional logon (it takes just the smallest things for users not to use self-service!).

 

  • Like 1
Link to comment
Share on other sites

We'd like the option to be able to access via some sort of SSO bypass as well

If I'm at home I have to use the VPN or connect to our Citrix environment to be able to access the Live and Admin sites

We also have some international users that aren't on our domain and only use Citrix

If they can't get onto Citrix then they'll need to ring or send us an email as they wont be able to access the Service portal

  • Like 1
Link to comment
Share on other sites

we would also like to see this for admins - but also for service.hornbill too. We have a growing number of staff who work remotely, in clients offices, from home etc. Although they can email in, it stops us from encouraging staff to use the portal and use less email.

  • Like 1
Link to comment
Share on other sites

  • 4 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...