Identity Management Category: Single Sign-On

Written by Vince Lujan on March 15, 2018

The identity and access management (IAM) market is one of the most active IT markets today. An important category within the IAM market is single sign-on (SSO). However, like all modern IAM categories, the SSO space is in a state of transition. This blog discusses the future of the identity management category: single sign-on. But first, we should outline the development of IAM in general.

A Brief History of IAM

To understand the current state of the IAM SSO market, we need to go back to the beginning of the modern era of IAM. In other words, we need to go back to the advent of the Lightweight Directory Access Protocol, or LDAP for short.

LDAP was created in 1993 at the University of Michigan as a lightweight alternative to the precursor X.500 directory service protocol. Tim Howes, now a JumpCloud advisor, was the co-inventor.

LDAP was essentially the subset of X.500 protocols related to directory access (e.g., DAP) with a few enhancements. What made it lightweight was the fact that LDAP required less bandwidth and was more easily implemented over networks (Wikipedia).

LDAP went on to become the internet standard for directory services a few years later. LDAP would even become a foundational aspect for two powerful on-prem directory services solutions – OpenLDAP and Microsoft® Active Directory® (AD).

Of course, today we know that OpenLDAP is used more in technical situations, with Linux® for example, whereas Active Directory has become the central directory for Windows®-based systems and applications. Nevertheless, both of these solutions worked great for on-prem systems and other resources that were popular around the turn of the century.

However, as web applications appeared on the market in the mid-2000s, these solutions started to break down.

Traditional Single Sign-On Implementation

The trouble with OpenLDAP and Active Directory was that they didn’t connect with IT solutions in the cloud. This was because web applications used different authentication protocols, such as SAML. The result was the creation of a new generation of web application single sign-on solutions, often called first-generation Identity-as-a-Service (IDaaS) platforms.

IDaaS platforms were effectively built on top of Active Directory with the purpose of connecting on-prem user identities to off-prem web apps (i.e., Salesforce®, Google Apps/G Suite). In doing so, users could continue to leverage one set of credentials to gain access to all of their IT resources. Said another way, it was a single sign-on experience. This approach worked well for a while. Then, the IT market started to transform even more.

AWS® and Google Cloud Platform (GCP) started to move data centers to the cloud. Mac® and Linux systems started to replace Windows machines. Windows File Servers started to be replaced by cloud storage solutions (e.g., Box®, Google Drive, Dropbox®), Samba file servers, and NAS appliances. Wired networks were replaced by the less secure WiFi access. All of these changes made it more difficult for IT admins to manage access, and end users were frustrated with so many different logins and accounts. The result was increased friction and frustration, and decreased security.

The Future of Single Sign-On: True Single Sign-On

Fortunately, as we said earlier, the identity management market is in a state of transition. And while these fundamental changes to the IT landscape have caused a lot of friction, they have also driven a new generation of identity management solutions for single sign-on.

Rather than just focusing on web applications, this new, modern IDaaS solution is focused on being a True SSO platform for connecting users to their systems, applications, files, and networks – regardless of platform, provider, protocol, or location.

In doing so, IT admins are empowered to choose the best IT resources for the organization. Sound too good to be true? Check out the JumpCloud® Directory-as-a-Service® platform today!

Single Sign On Use Cases

Sign up for a JumpCloud Directory-as-a-Service account or schedule a demo to discover a few use cases for the identity management category: single sign-on. Your first ten users are free forever, and we don’t even require a credit card to sign up! You can also contact JumpCloud to learn more about the identity management category: single sign-on.
