Directory-as-a-Service vs SSO

By Greg Keller Posted March 23, 2017

With the emergence of Directory-as-a-Service® (DaaS) as a new category on the Identity and Access Management scene, now often called cloud identity management, you may be wondering, how does a cloud-hosted directory service compare to Single Sign-On (SSO)?

Controlling Access to Web Apps

rest API to control access to web application

As one of the hottest categories in the IAM world, SSO is widely known and understood. Web applications emerged over the past decade and a half as critical parts of an IT organization. With Salesforce leading the way, many on-prem applications have made the leap to better, more convenient web applications. The challenge for IT admins was how to control user access to web applications.

With the on-prem identity provider locked into Microsoft Active Directory®, the goal was to federate AD identities to cloud applications. Not an easy challenge at the time. With the use of the SAML protocol and clever hacks such as password vaulting, IT admins were able to have their users log into a web console – or even from their browser – and log into their web applications without adding passwords. It was a huge innovation and has been why the web applications SSO category, often referred to as IDaaS, has taken off.

JumpCloud® Is Your Centralized User Management Platform

While the new entrant, Directory-as-a-Service, is lesser-known, it is blazing a big path. With much of an IT infrastructure moving to the cloud and mixed-platform environments, Active Directory is no longer the best solution for most IT organizations. In fact, many cloud-forward organizations are making the leap to the cloud directory service. As a vendor-neutral identity provider, the modern cloud identity management platform handles Windows, Mac, and Linux systems, G Suite and Office 365, AWS, Google Cloud, or IBM Softlayer, and many others. LDAP, RADIUS, SAML, REST, and other protocols can be leveraged for the authentication path. The benefit is being able to integrate a wide variety of different IT resources into one centralized user management platform.

Directory-as-a-Service and SSO: Complementary Solutions

true single sign-on
jumpcloud learn more demo

Directory-as-a-Service and SSO are largely complementary to each other. Many IT organizations have opted to replace Active Directory with Directory-as-a-Service and then layer on a web application SSO solution. The upside? Everything is in the cloud and centrally controlled by IT admins. End users get the benefit of frictionless access to whatever IT resource they need whether it be a MacBook Pro, AWS cloud server, web application such as Salesforce, or their WiFi network. Why are smart, modern organizations leveraging both IAM solutions? To more easily and safely connect their employees to the IT resources they need.

Learn more about how you can leverage Directory-as-a-Service and SSO solutions from the leader in DaaS, JumpCloud®. Sign up for a free account and check it out. Ten users are free forever – no credit card required. Please let us know what you think about the differences between cloud directory services and SSO.

Greg Keller

Greg is JumpCloud's Chief Product Officer, overseeing the product management team, product vision and go-to-market execution for the company's Directory-as-a-Service offering. The SaaS-based platform re-imagines Active Directory and LDAP for the cloud era, securely connecting and managing employees, their devices and IT applications.

Recent Posts