Directory-as-a-Service vs SSO

Written by Zach DeMeyer on July 23, 2020

Share This Article

With the emergence of Directory-as-a-Service® (DaaS) as a new category on the Identity and Access Management scene, now often called cloud identity management, you may be wondering, how does a cloud-hosted directory service relate to Single Sign-On (SSO)?

Controlling Access to Web Apps

As one of the hottest categories in the IAM world, SSO is widely known and understood. Web applications emerged over the past decade and a half as critical parts of an IT organization. With Salesforce® leading the way, many on-premises applications have made the leap to better, more convenient web applications. The challenge for IT administrators was how to control user access to web applications.

With the on-prem identity provider locked into Microsoft® Active Directory®, the goal was to federate AD identities to cloud applications. Not an easy challenge at the time. With the use of the SAML protocol and sometimes password vaulting, IT admins were able to have their users log into a web console – or even from their browser – to access web applications without adding passwords. It was a huge innovation and has been why the web applications SSO category, often referred to as IDaaS, has taken off.

JumpCloud® Is Your Centralized User Management Platform

While the new entrant, Directory-as-a-Service, is lesser-known, it is blazing a big path. With much of an IT infrastructure moving to the cloud and mixed-platform environments, Active Directory is no longer the best solution for most IT organizations. In fact, many cloud-forward organizations (over 100k and counting) are making the leap to the cloud directory service. 

As a vendor-neutral identity provider, the modern cloud identity management platform handles Windows®, Mac®, and Linux systems®, G Suite™ and Microsoft 365™, AWS®, GCP™, or Azure®, and many others. LDAP, RADIUS, SAML, SCIM, SSH, and other protocols can be leveraged for the authentication path. The benefit is being able to integrate a wide variety of different IT resources into one centralized user management platform.

Directory-as-a-Service and True SSO

Directory-as-a-Service is True Single Sign-On™. End users leverage one identity to connect to virtually all of their IT resources including systems, applications, file servers, and networks. Many IT organizations have opted to replace Active Directory with Directory-as-a-Service without the need to then layer on a web application SSO solution. With hundreds of web apps in the catalog for single sign-on and provisioning via JIT and SCIM, IT admins don’t need to purchase an additional IDaaS platform. Even better, the Directory-as-a-Service platform includes system management and MDM capabilities eliminating the need for yet more IT management tools.

The upside? Everything is in the cloud and centrally controlled by IT admins. End users get the benefit of frictionless access to whatever IT resource they need whether it be a MacBook Pro, AWS cloud server, web application such as Salesforce, Slack, Jira, or GitHub, or their WiFi network. Why are smart, modern organizations eliminating a plethora of IAM and system management tools in favor of a single access control and device management platform? To more easily and safely manage and connect their employees to the IT resources they need.

Learn more about how you can leverage Directory-as-a-Service and our True SSO approach from the leader in DaaS, JumpCloud®. Sign up for a free account and check it out. Ten users and systems are free forever – no credit card required. You’ll also get 10 days for 24×7 engineering-driven premium support to get you going. Please let us know what you think about the modern approach to directory services.

Continue Learning with our Newsletter