SECURITY WHITEPAPER
SECURITY WHITEPAPER
USER IDENTITY MANAGEMENT
YSoft SAFEQ Cloud is built on modern authentication methods ( OAuth 2.0 ) and utilizes Single sign-on ( SSO ) provided by external Identity Providers such as Microsoft Azure Active Directory . SSO is a session and user authentication service that permits a user to use one set of login credentials to access multiple applications . Customers who want to use YSoft SAFEQ Cloud , we recommend them to use an external Identity Provider that manages the Internet identity of all their users . This approach allows admins to define the required level of user identity protection by enforcing multi-factor authentication . Another advantage is that users log in at browsers which they know ( and consider secure ) via Microsoft ' s authentication page , and YSoft SAFEQ Cloud merely receives information on the results . User credentials are safely confirmed by their external Identity Provider and never shared with the service provider ( YSoft SAFEQ Cloud ). The external Identity Provider provides YSoft SAFEQ Cloud only basic user details such as their first name , last name , and username based on permissions and grants set in the Identity Provider
Whenever a user logs in , YSoft SAFEQ Cloud refreshes the user details from the external Identity Provider – role membership changes , name changes and account deactivation / reactivation .
YSoft SAFEQ Cloud - 9 - YSOFT . COM