MicroStrategy ONE

How to Enable Single Sign-On Authentication

Single sign-on (SSO) allows enterprise network users to access all authorized network resources seamlessly, on the basis of a single authentication that is performed when they initially access the network. Within this typical security infrastructure, single sign-on functionality reduces an IT department's administrative overhead by providing one interface to manage multiple systems. From the user's perspective, single sign-on relieves the frustration of having to remember multiple passwords to access multiple systems.

MicroStrategy can help implement single sign-on and make use of a company's security infrastructure to provide a seamless experience for the user and rich administrative functionality for IT administrators. Identity management systems, portals, and other third-party applications can all be part of a company's larger security infrastructure, and MicroStrategy Web can be integrated easily with each of these to provide seamless application and data access. Single sign-on enables smooth integration of MicroStrategy Web into any portal application. This process can even be used as the sole authentication and authorization process for MicroStrategy Web.

Implementing single sign-on in a MicroStrategy environment generally involves the following:

  • Using an external repository for authenticating users

  • Authenticating or verifying users against MicroStrategy Web without requiring them to manually provide their login credentials

  • Synchronizing any user changes between the external user repository and the MicroStrategy metadata

  • Using an external mechanism for performing authentication

MicroStrategy Web provides the ability to integrate the external security mechanism and policies of such a security infrastructure into the application without requiring the original source code to be modified. The external security mechanism can be an identity management application, a portal application, or some other third-party application. For details on how to configure your MicroStrategy system to use single sign-on authentication, see the Authentication section in the System Administration Help.

Integration between Web and a single sign-on application is accomplished by enabling and configuring Trusted Authentication Mode in the MicroStrategy Web Administrator page.

  1. Access the MicroStrategy Web Administrator page. (How?)

  2. From the pane on the left, select Default properties. The Default Server Properties page opens.

  3. In the Login area, select the Enabled checkbox for Trusted Authentication Request.

  4. To ensure that single sign-on authentication is the default authentication mode, select the Default option next to Trusted Authentication Request.

    For additional details about these authentication modes, refer to the Authentication section of the System Administration Help.

  5. From the Trusted Authentication Providers drop-down list, specify which application to use for single sign-on functionality. The drop-down list provides a list of the applications with which MicroStrategy Web can integrate to enable single sign-on authentication. The default application is CA SiteMinder.

  6. Click Save.

Related Topics

How to Establish Default Login Requirements for Web

How to Enable the Web Guest User Account

How to Enable Integrated Authentication