SSO or Single Sign-On is a technology used to allow secure access to a system without requiring the user to register an additional account with a user ID and password.
We all already have too many user ID's and passwords to remember so using SSO really helps to make life simpler and easier for users. Over 60% of Reward Gateway clients have SSO with another login provider. The technology is robust, easy to use and setup, and it's secure.
Reward Gateway allows SSO from any platform that supports the industry-standard XML-based Security Assertion Markup Language 2.0 (SAML) protocol.
SAML is used for communicating user authentication, entitlement, and attribute information. It was developed and continues to be advanced by the Security Services Technical Committee of the open standards consortium, OASIS (Organization for the Advancement of Structured Information Standards.) It is now regarded as the de facto standard protocol for identity management.
Benefits of Single Sign-On
Reduced administrative costs
With Single Sign-On, users only need to memorize a single password to access both network resources or external applications. When accessing Reward Gateway from inside the corporate network, users are logged in seamlessly, without being prompted to enter a username or password. When accessing Reward Gateway from outside the corporate network, the user's corporate network login works to log them in. With fewer passwords to manage, system administrators receive fewer requests to reset forgotten passwords.
Leverage existing investment
Many companies use a central LDAP database to manage user identities. By delegating Reward Gateway authentication to this system, when a user is added to the LDAP system they can immediately access all resources that Reward Gateway offers.
On average, a user takes five to 20 seconds to log in to an online application; longer if they mistype their username or password and are prompted to reenter them. With single sign-on in place, the need to manually log in to Reward Gateway is avoided. These saved seconds add up to increased productivity.
Increased user adoption
Due to the convenience of not having to log in, users are more likely to use Reward Gateway on a regular basis. For example, users can send email messages that contain links to web pages in Reward Gateway. When the recipients of the email message click the links, the corresponding Reward Gateway web page opens automatically.
Any password policies that you have established for your corporate network will also be in effect for Reward Gateway. In addition, sending an authentication credential that is only valid for a single use can increase security for users who have access to sensitive data.
Choosing which login source to enable for SSO
Choosing the right system to sign in with is critical to ensuring that it increases usage of the employee engagement platform. Choosing the wrong system at the front can negatively impact usage, sometimes severely.
Here are some useful steps to go through when thinking about enabling SSO with an existing login provider.
Step 1: Consider the options
Most clients have more options than they initially think. They include:
- An existing or new HR System such as Workday, SAP, BambooHR
- Payroll system such as ADP, Ceridian
- An existing or new benefits selection system - sometimes called a Flex or flexible benefits system - such as Thomsons, Mercer
- Company intranet
- Google Apps for Business
Step 2: How will the program be used by employees?
What will users be doing with the Reward Gateway products? Will they be reading company news, sending social recognition cards, using ad-hoc benefits, sending short notes, searching for an HR file?
How many times a day would the client like them to be doing that? Is it a planned experience, or is it an opportunistic thought at a random time of day?
Step 3: Where are the users going to be?
Where will employees be signing into the program from? Will they be mostly doing it at an office desk? Will they be at home or on the road? Will they be doing it from a mobile phone, and if so, will it be a work provided or personal mobile?
In the case of their discounts or wellbeing benefits products, will a restaurant or health club catch their eye and trigger an interaction? Will they be already logged into the source SSO system at that point?
Choosing Single Sign-On is easy and the answer from our customers is nearly always "Yes we should do that". Choosing the source system for Single Sign-On is critical to the success of the Reward Gateway products each client has implemented.
To be successful, clients need to choose a source system that all of their users are using on a daily or hourly basis and that they have easy or automatic access to on all of the devices that they will be using.
Key features within Reward Gateway's products need almost "one thumb" access whilst walking down the street. If users have to log into their program through a cumbersome process that doesn't work flawlessly on mobile, then usage and engagement will suffer.
The chart below shows SSO sources chosen across all 1,600+ Reward Gateway clients worldwide:
Availability & Cost
Our Single Sign-On (SSO) technology is available to all SmartHub® customers worldwide at no additional cost.
To speak to one of our Consultants or Client Success Managers about SSO, send us a message and we'll respond with 24 hours.