OIDC single sign-on (SSO)
Tesseral supports enterprise single sign-on for all major identity providers (IDPs)
What is OIDC single sign-on (SSO)?
What is OIDC SSO?
Large or security-conscious organizations commonly require that software applications support single sign-on (SSO). They use centralized services called identity providers (IDPs) such as Okta or Microsoft Entra to handle employees’ authentication into software applications. Companies that use SSO gain a security advantage — for instance, an IT administrator can revoke an employee’s access to business systems with just a click.
Several varieties of SSO exist, but the OIDC protocol is common for many cloud software single sign-on.
Using OIDC SSO with Tesseral
Enabling OIDC SSO
Tesseral comes with OIDC SSO out of the box. You do not need to upgrade your Tesseral plan. You do not need to write any additional code.
If you wish to enable OIDC SSO for a given customer, you must first enable OIDC SSO for your Project and then for the Organization that corresponds to your customer.
Every customer’s use of OIDC SSO with your app requires one-time configuration of an OIDC Connection. The customer must share several pieces of data with you, and you must share several pieces of data back with the customer. The need to configure each OIDC Connection is endemic to the OIDC protocol.
Configuring OIDC SSO
For each customer that intends to use OIDC SSO with your software, you will need to configure a OIDC Connection. To do so, navigate to the Organization that corresponds to your customer and select the OIDC Connections tab.