Can a Directory also be a Single Sign-On Solution?

Written by Greg Keller on December 25, 2015

Share This Article

There is a myth in the identity management world that directory services and single sign-on require separate solutions. Is there any truth behind the myth?

Well, yes, because until recently you really did need to have two separate solutions: one for your user database and the other for access to your web applications. In essence, that was all single sign-on really meant. At the time, it was difficult to tie everything together, necessitating multiple solutions. Luckily, a new innovation in the Identity-as-a-Service space is creating a True SSO solution that extends the directory and SSO to nearly every type of IT resource.

Simple Times, Simple Sign-on

The directory services space swung into high gear in the last of the 1990s and into the 2000s with the advent of Microsoft Active Directory. Since most of the world was on Microsoft Windows, it made sense for Microsoft to build a directory service. Most servers and applications were on-premises and Windows based, so connecting them to AD made a great deal of sense.  This was in a way single sign-on because everything existed behind the firewall, and the login to the device served as the core credentials.

Some Solutions Simply Didn’t Work

With the move to the cloud, though, much has changed. A whole new category of solutions was created. Applications and the back-end server infrastructure both shifted to the cloud. There were problems, though, because those solutions no longer easily connected to the on-premises directory.

So a new category of solutions was created; they were called web application single sign-on solutions. Unfortunately, that now meant that IT admins needed to leverage multiple products for their identity and access management solution. If they had Macs and Linux devices, they needed yet another tool.

Soon, the identity management solution, which was just the core user directory, had morphed into a suite of solutions all trying to work together. That meant more work, cost, and potentially multiple logins.

DaaS Delivers True SSO with Speed, Security, and Simplicity

Modern organizations didn’t endure this problem for long, though. They turned to a new category of solution called Directory-as-a-Service. DaaS changed the definition of directory services. Now, a cloud-based directory service functioned as the central identity management platform within an organization. One set of credentials is leveraged across virtually all IT resources, including systems, applications, and networks regardless of location or platform. The next generation user management system joined together directory services and single sign-on to create a True SSO solution that not only integrated with web applications, but on-prem applications, cloud servers, WiFi network, Google Apps, and more.

If you would like to learn more about how your directory can also be your SSO solution, take a look at our Identity-as-a-Service platform. DaaS can serve as your core directory connecting your users to whatever IT resources they need. Feel free to give JumpCloud a try for free or drop us a note, we’d be happy to talk to you about your needs.

Continue Learning with our Newsletter