THE JADU BLOG

Here's where you'll find lots of useful information about our customers' successes, product and partner news... and lots more!

All Posts

The benefits of supporting OAuth & SAML to utilise other Identity Providers

Single Sign-On (SSO) technologies help to meet everyday user needs by making it easier for end users (from customers and citizens to students and staff and other constituent users) to easily authenticate, and sign-in to access and track secure, highly personalised digital services. This is especially the case where organisations look to provide a true depth in their digital service delivery that can only be realised by implementing a wide range of software products and services to meet the growing demands of digital service consumers.

 

At the same time, security and identity play a leading role in how services are controlled and delivered by any organisation today, and it’s an area that demands constant attention. Providing central identity control for the ongoing maintenance of user accounts assists in the effective management of day to day processes, such as on-boarding, off-boarding and general identity management practices such as password resets, name changes and so on.

 

JADU works in Higher Education in the US, where SSO and identity provision are the mainstay, must-have technologies across the institution. Universities and Colleges manage authentication and identity centrally for their staff and students accessing multiple systems so they only need to remember a single set of credentials. Solutions such as Shibboleth, CAS (Central Authentication Service) and ADFS (Active Directory Federation Services) are now ubiquitous across the higher education space.

 

In the UK, whilst GOV.UK Verify has made some progress to centralise identity and the verification of this, the delivery of citizen authenticated services is largely being handled by suppliers with the foresight to see how important it is. 

 

For SSO to truly work for an organisation today, we think that adopting a standards based approach and ensuring our customers are not bound to any one specific portal technology for identity management provision, is key to meeting this need.

 

The JADU CXM service currently provides a framework for allowing the authentication of a registered user account and sharing necessary account details with integrated 3rd party provider systems using OAuth2 and OpenID Connect (OIDC) protocols. 

 

We worked with Northgate Public Services for instance on delivering OAuth2/OIDC based SSO with their suite of Citizen Access portal products. This means that citizens using services through the JADU MyAccount only have to sign in once with a single set of account credentials. After that, accessing personal self-service data is much easier. 

 

We've also worked with our users, including Scottish Borders Council to integrate the Scottish Improvement Service’s mygovscot myaccount solution, so that a Scottish citizen’s central identity record can be used to authenticate into the council's own website MyAccount to utilise their digital services.

 

So what is SAML? A small animal? 

 

SAML (Security Assertion Markup Language) is an open standard that allows identity providers to securely authenticate users and share attributes of their identity with third party service providers from a centrally managed account.

 

One of the areas of development inside our product teams right now is the introduction of support for SAML to facilitate the use of other identity providers that provide support for SAML (similar to the principles of what has been delivered with the mygovscot myaccount integration to date).

 

We initially plan to introduce SAML into the JADU CXM service and, as user needs become clearer through iterative roll out and testing, extend the framework across the rest of the JADU platform. 

 

What all this jargon means for the end user is that they can use one set of credentials to log-in once, and be able to access many linked websites, portals and third party applications - making life easier. For example, a citizen could check their council tax balance, manage their car parking account and more, just by signing in with their Google account.

 

This will start to take on real value with the roll-out of new technologies, such as our work with Amazon Lex and AWS Virtual Contact Centre. With our US customers really driving the needs around central identity management, we’re focused on ensuring we deliver a framework built on interoperability standards and, once other identity and verification platforms deliver and potentially become mainstream, we should be more than ready. 

 

If your organisation uses CXM, watch out for more updates and demos as we deliver SAML based integrated services.

Andy Perkins
Andy Perkins
Andy is the original author of the Jadu CMS and XForms Professional and has an intrinsic understanding of the Jadu Continuum platform and its capabilities to be extended to deliver solutions which meet specific customer needs.

Related Posts

8 Top Tips for Working from Home

The COVID-19 pandemic will affect all of us in one form or another. One of the safest things we can do right now is to work from home (where possible), to slow the spread of the virus.

Data Export Management feature, Phase 2

Last month, we released phase one of the exciting, new and improved Data Export Management feature. The previous blog post covered how easy it is to now export your form data, in bulk and from one centralised place in your Jadu Control Centre using CSV, XML and JSON formats.

  • 3 min read
  • March 17, 2020 9:49:10 AM GMT

Budget to include £500m a year to fix potholes

The chancellor is today expected to announce £2.5bn in funding (£500m each year for the next five years) to fix up to 50 million potholes across Britain.