0

I am working on SSO concept. In case of Open ID Connect, I found that it works with public IdPs such as Google, Facebook, etc. I want to know, considering the complexity of implementation of SSO, And in scale of a very big company (assuming we chose the Open ID Connect), Is customizing our own IdP cost-preserving? Or it is not common to go on this way? (Perhaps its not usual to select the open ID Connect and design a custom IdP, I do not know).

Regards!

Golnaz Saraji
  • 154
  • 1
  • 3
  • 14

1 Answers1

1

In my opinion, in a company with many diverse products and desire to better integrate them I think it makes a LOT of sense to implement a single point of contact (and failure of course!) for all authentication matters.

In our business our IdentityServer4-based implementation will underpin key strategic projects going forward. The benefits are:

  • Simplified implementation within your products since they only need to talk one language to one service
  • Enhanced security as it's much easier to manage and ensure quality in a single authentication solution. The protocol designers have done the hard work for you too.
  • Enhanced user experience due to true single sign in and out and consistent UI etc.

OpenID Connect also supports a diverse range of use cases so problems that may have once required clean-sheet home-rolled (and probably flawed) solutions can now utilise standard flows and be rolled out with little more than just configuration.

mackie
  • 4,996
  • 1
  • 17
  • 17