Tagged: google

Single Sign-on via Open ID Connect for Office 365, Google, Github and Bitbucket

SSO-2

MantisHub team is excited to announce the release of Open ID federation support for single sign-on! With our AuthHub plugin, we provide open ID connect with multiple identity providers.

What is Open ID Connect? Well, in a nutshell, our AuthHub plugin allows you to enable federation based authentication for single sign-on (SSO).  It also allows the auto-provisioning of users. So on valid authentication from your centralized identity provider, their MantisHub account is automatically created!

The following identity providers are supported with qualifying plans:

  • Azure AD (Office 365) – for Platinum volume plans (200, 300, 500, 1000 users)
  • Google / Google Suite – for Platinum volume plans (200, 300, 500, 1000 users) 
  • Github – for Gold plans and above
  • Bitbucket – for Gold plans and above

Check out our pricing page for details.

For companies that use any of the supported identity providers, switching over to SSO rather than your standard MantisHub username password adds a wide range of benefits.

For your users:

  • Users don’t have to manage yet another username and password as well as all the other advantages of SSO (single sign-on). So that means changing passwords just once! And if they are already logged in, just one click of a button will get into their MantisHub account!
  • User accounts can be auto-provisioned, hence, no need to coordinate with an administrator or have a lag between needing to access MantisHub and being able to access it.
  • User hashed credentials are not stored on MantisHub servers.

For your administrators and enterprise security:

  • Users authenticating via your enterprise identity providers will honour policies configured by the administrator in accordance with your enterprise security policies. For example, using FIDO devices, multi-factor authentication, password complexity, recurring password changes, protection against password spray attacks, etc. are all enforceable.
  • Once a user account is disabled, like when an employee leaves your company, administrators just need to revoke access in the one place and access to MantisHub and other federated SaaS applications access will be blocked.
  • AuthHub can be configured to lock down a list of users or domains to only permit login via your identity provider while allowing other users to log in with MantisHub standard login.
  • AuthHub plugin can be configured to allow auto-provisioning of users with your chosen access level on successfully sign-on.  This can be scoped to a configured list of email address domains.  This reduces manual work to onboard your team and reduces human error.

Want to get started? 

Check out MantisHub’s knowledge base articles for more information including configuration options:

And if you have questions, please reach out to our lovely MantisHub support team.