Single Sign-On (SSO or Federated Login) allows users to log in once to access the TMS, eliminating the need for multiple passwords and enhancing security through centralized authentication with a trusted identity provider such as Microsoft or Google.
Benefits of Using Google or Microsoft for Single Sign-On (SSO)
Single Sign-On (SSO) allows you to securely log in to our platform using your existing Google or Microsoft account, rather than creating and managing a separate username and password.
By default, SSO is enabled for both Google and Microsoft. For the highest level of security and convenience, we strongly recommend using one of these trusted providers as your primary login method. This article explains the key benefits.
How SSO Improves Your Security
Using Google or Microsoft to sign in protects you from these common threats by leveraging the world-class security built by those companies.
🛡️ Multi-Factor Authentication (MFA)
When you protect your Google or Microsoft account with MFA (like a code sent to your phone or a prompt you tap "yes" on), that protection is automatically extended to your account with us. This means that even if an attacker steals your password, they can't log in without access to your second factor (e.g., your phone).
🔐 Stronger Security, Fewer Passwords
Instead of creating another password to remember (and potentially reuse), you rely on the single, strong password you've already created for your Google or Microsoft account. You only have to manage one password, making it easier to ensure it's unique and complex.
🎣 Protection from Phishing
With SSO, you are always redirected to the official Google or Microsoft sign-in page. You are trained to only enter your main password on that familiar, trusted page, making it much harder for a fake login page to trick you.
⛔ Instant Access Removal for Leavers
When an employee leaves your company, securely managing their exit is critical. With SSO, it's one and done. When your administrator disables their primary Google or Microsoft account, their access to our platform is instantly and automatically revoked. This eliminates the security risk of former employees retaining access and simplifies offboarding.
More Than Security: It's Convenient
Beyond the security benefits, using SSO is also faster and easier.
-
One-Click Access: Log in with a single click instead of typing your credentials.
-
No New Passwords to Remember: You don't have to create or remember a new, unique password just for our service.
Enabling SSO
To manage your SSO settings, navigate to the LSP tab and select 'My Organization,' then proceed to 'Organization Settings.' Within the Organization Parameters section, you will find checkboxes for Google, Microsoft, Basic Login, and Okta. By unchecking any of these options, you can customize the login page to display only the needed authentication methods.
Available SSO options:
- Microsoft
- Okta
Once you have set up SSO for your organization, your login page will be updated to reflect these changes.
Please note that your email address must be used as your username to enable SSO functionality.
To set your email address as your username, please follow these simple steps:
1. Navigate to the LSP tab in your dashboard.
2. Click on the 'Staff' option to view the list of staff members.
3. Locate the staff member you wish to edit and click on the blue pencil icon located on the far right.
4. In the login field, replace the current username with your email address.
Basic Username and Password Login
For organizations that prefer traditional authentication methods, this option allows users to access their accounts using a unique username and password. This method ensures that all users can authenticate regardless of their relationship with third-party platforms.
This authentication method will apply to LSP staff ONLY. It is important to note that customer staff can still use basic authentication to access the front office pages.
To revert to the standard welcome page, please contact our support team at support@tai-software.com for assistance.