Problem:

To maintain SOC 2 compliance with our large enterprise clients, we needed a way for external admins to set up and manage single sign-on for their entire organization.

Objective:

Create a new page at the organization level where admins can set up and manage single sign-on for their entire company, while providing transparency on the status and additional information for anyone setting up SSO who is unfamiliar with the process.

Process:

This project had a tight timeline due to an upcoming technology audit for SOC 2, and with the backend already spun up, it was really an exercise in arranging the required inputs and providing guidance around what phase the setup was in.

Since setting up single sign-on requires a user to navigate between their domain manager and our product, we opted to use an SSL certificate for the connection to limit the number of steps the user had to take. Below are some early iterations that led to the final designs.

Iterations on final designs

Solution:

Since this feature would only be used by admins of an organization, we created a dedicated page for single sign-on that only users with that permission can see. Once the user navigates to this page, they see the status of SSO, a step-by-step process for how to set it up, and a link out to extra communications if they require more guidance.

To begin the SSO setup, users needed to upload an .xml file with the identity provider's metadata from their domain provider. Instead of making all the required fields for that step visible, we hid them in an accordion that users could expand to verify that the information from the upload is accurate. If they preferred to enter the fields manually, they could do that as well.

The second step requires users to copy the assertion consumer service (ACS) URL and the entity ID into their domain provider. After those artifacts are shared, the connection can be tested, and if everything works as expected in the test, it can then be set up for all users within the organization. There's also the ability to remove the single sign-on connection if necessary.

SSO not configured

Uploading .xml file

Uploaded file

Testing confirmation

SSO testing

Configure confirmation

SSO configured

Expanded accordion with mock data

Expanded accordion with sanitized data

Results:

Within the first month of its release, we saw 30+ enterprise clients switch their companies over to single sign-on, and we also passed our SOC 2 compliance audit. There was also around a 20% decrease in "forgot your password" emails over that same period of time.