By Vince Lujan Posted May 29, 2019
With Okta® going public, Google® and Amazon® announcing their intention to dominate the web application single sign-on (SSO) market, and, of course, Azure® Active Directory’s ever-growing SSO presence, there is no shortage of SSO competitors for IT admins to choose from.
The interesting part about the web application SSO market is not that there are many players (and there are), but rather, how the identity and access management (IAM) market is shifting. More to come on that below, but first, let’s see what SSO is all about.
What’s SSO All About?
SSO is all about connecting users to web applications. SSO solutions emerged because the core identity provider (IdP) for organizations, particularly Microsoft® Active Directory® (AD), couldn’t handle web applications very well.
AD, on the other hand, is all about on-prem Windows® domains. Initially, this meant that web applications, which were not on-prem or Windows-based, generally had to be managed independently (if IT was even aware of them). This was a big problem for IT admins.
Still, the advantages that web applications could provide over their legacy counterparts was undeniable. So, rather than continue to manage web applications independently or not at all, clever developers decided to do something about it. The result was a generation of AD extensions called web app SSO, which would become known as Identity-as-a-Service (IDaaS) with the shift to the cloud.
How Does SSO Work?
SSO solutions are cloud-based and are usually layered on top of Active Directory on-prem. Admins purchase an SSO solution such as Okta, then integrate it with their AD instance.
SSO solutions leverage the Secure Assertion Markup Language (SAML) to provide a pathway for users to access their web applications. Essentially, what they’re doing by this is federating an AD user identity to the cloud—at a premium cost, of course.
This approach worked well for a number of years and even the largest organizations in the world (i.e., Microsoft, Google, Amazon) wanted to get in on the action in the IAM space. But while they were looking to get in on the SSO market, new challenges were arising in the shifting IT landscape.
Cloud infrastructure from AWS®, macOS® and Linux® systems, and new type of cost-effective data stores (among other IT landscape changes) were causing significant challenges with managing user access to IT resources. Consequently, the concept of Active Directory plus SSO just wasn’t enough.
So, while the competition in the web application SSO market has been fierce, the first generation IDaaS approach to the market was missing the mark in a modern sense. Therefore, a broader approach to IAM called True Single Sign-On™ was needed.
What is True Single Sign-On?
True Single Sign-On means that users can leverage one password for everything. More specifically, the same identity used to login to a Windows, macOS, or Linux system can be used to access web applications, cloud infrastructure, wireless networks and VPNs, and more.
However, this type of solution isn’t layered on top of AD on-prem, nor does it need a separate IdP (although it can integrate with them). Rather, True SSO is a reimagination of AD that acts as the core IdP, SSO solution, and basically the entire IAM category—all rolled up into a comprehensive Directory-as-a-Service®.
JumpCloud True Single Sign-On
Sign up for a free account to check out JumpCloud’s unique True Single Sign-On approach today. We offer the full functionality of the Directory-as-a-Service platform free for up to ten users. So, you can try connecting your users to all of the IT resources they need with the convenience of a cloud-based solution.
If you would like to continue the conversation about various SSO competitors, reach out. A product support expert will be happy to talk with you.