Single Sign-On (SSO)

Secure B2B & B2C SSO Login

Give business partners and customers one digital identity for one-click simplified SSO login to all your connected digital services and applications

Customer SSO is an easy way to let your customers, citizens, partners and contractors log in just once and then transparently and securely authenticate to all the digital services and applications they have been granted rights to – eliminating the need for multiple logins or credentials.

CIAM IDaaS User Experience

Single Sign-On

Easily enable SSO across all your applications, whether in the cloud, on-premises, or a hybrid of both.

Reduce churn

No more multiple registrations and accounts to manage. Improve the customer experience and reduce credential management support costs without sacrificing security.

Compliance services

Supports all the identity standards – OpenID Connect, OAuth, CIBA, SAML.

Multifactor Authentication

Allow users to login using dozens of reusable / portable identity providers, enterprise identity directories, MFA form factors and passwordless.

Benefits of Customer SSO

Reduce the number of identity credentials you expect your customers (and your IT admins) to manage

Single Login
Maintain seamless customer journeys with transparent logins across all application and services – authenticate the customer just once.

Use any Identity Provider imaginable. From enterprise user directories to the millions of reusable identities across the BYOI ecosystem.

With less password fatigue, users will expose or reuse passwords less. Centralised authentication control maintains consistent best practices and use of MFA or Passwordless.

User Experience
Frictionless and flexible login and authentication options. Engaging with applications will be made faster, easier and more secure.

Eliminate Support Desk Costs
With less login credentials to forget, users will have less impact on support help desks.

Centralised Policy
Deliver the right identity attributes to internal or external applications ensuring compliance to privacy regulations. Centrally control access to resources or applications.

The Identity Broker Engine

Optimised for Single Sign-On customer and B2B engagement

The Identity Broker Engine enables the smart exchange of user attributes to offer Zero Trust networking while respecting user privacy. The core functioning includes:

Normalising data
from different providers to simplify application integration – e.g. bank sends date of birth in mm/DD/yyyy format and mobile operator yyyy-mm-dd.

Masking user data
according to minimum information disclosure principles – e.g., bank sends date of birth in full, and the Identity Platform can send to the integrated application that the user is “over 18”.

Providing pseudonymization
only send a token that the user is the same as last time with no other user identifiable information.

Providing anonymisation
ensure the user is real and has the required permissions (roles and attributes) but send a unique token each time to prevent tracking or collusion between recipients.

Directory mapping
using a unique identifier sent by a third-party identity provider to find a user in a local database.

External service queries
using a unique identifier sent by a third-party identity provider to find a user in a local database by resolving a common attribute through a commercial or in-house web service.

The Identity Broker Engine is used to efficiently integrate data sources such as AD, LDAP or SQL, so the user identity-related data can be retrieved and utilised on a per-session basis. The result is an individual identity profile, specific to each connected application or outbound federation link.

The identity attributes of the user are collected and modified so that they will match the access and authorisation requirements of the application that the user is trying to access. Only those attributes needed for functioning and authorised by the user are shared.

If the user moves to another application and needs a different set of identity attributes, the Identity Broker Engine will automatically create a correct user profile. The Identity Broker Engine allows for a creation of an environment where privacy-by-design principles are followed by allowing the applications to receive the exact and minimum amount of personal data and where needed, anonymising attributes.

Implementing SSO for Customer and B2B Identity

SSO delivered as Identity-as-a-Service (IDaaS), On-Premises at your own datacenter, or a Hybrid of both

SSO Single Sign-On

Ubisecure Customer SSO (Single Sign-On) allows a customer, partner or contractor to log into one application or one network domain, and then will be logged in automatically to other associated applications or domains. Give users a single identity and one set of credentials for all your applications, whether mobile, web, enterprise or legacy.

Learn about SSO with Keith Uber

What is SSO?

ℹ What is SSO?

User experience and SSO

ℹ User experience and SSO

How can SSO reduce costs?

ℹ How can SSO reduce costs?

How can SSO increase sales?

ℹ How can SSO increase sales?

The importance of logging in SSO

ℹ The importance of logging in SSO

SSO Resources


SSO Integration for the Old, the New and the Strange

Find out about Single Sign-On integration in a range of old, new and strange applications, including SAML, OIDC and non-standard applications.

>> Read More


Single Sign-On Best Practices: How Organisations can Implement SSO

Discussing Single Sign-On best practises and how organisations can implement SSO.

>> Listen Now


B2B SSO Login

Grano implemented Ubisecure SSO in its document management service, SokoPro, averaging 17,000 daily logins. Find out the challenges solved and the benefits delivered.

>> Read More

Ready to get started?