SSO Concierge
Seamless Access to Thick Client Apps
Traditional thick client applications, or thick client apps, are difficult to integrate into existing Single Sign-on (SSO) solutions with their lack of support for common identity federation protocols. PortalGuard SSO ConciergeTM eliminates the additional login and seamlessly passes credentials to thick client applications on the user’s behalf, improving productivity for users and the IT team.
Challenges of Thick Client Applications
Although most applications in the modern enterprise have moved to the cloud, traditional thick client applications are still used for key business operations and are difficult to replace. Often, because they were created long before modern authentication and federation approaches – such as SAML, Open ID Connect, and OAuth – they do not have federation capabilities and require an independent identity store.
Without being able to consolidate them into a single SSO solution, your users have to maintain a separate login and password for each of these applications they need to get their work done, resulting in password fatigue and poor password hygiene that creates cyber risk, as well as:
- An increase in password-related IT support calls
- A loss in productivity for both the user and IT team
- A poor user experience
PortalGuard SSO Concierge
Along with PortalGuard’s robust SSO offerings, SSO Concierge eliminates the additional login and seamlessly passes credentials to thick client applications on the user’s behalf. This makes it easy to protect on-premises, legacy, thick client, and web applications from a single Identity Provider (IdP).
Key Features
- Login to thick client apps without manually entering a password
- Support for thick client apps with multi-step logins
- 16+ multi-factor authentication (MFA) options, including biometrics
- Enforce application-level security policies, by individual, group, or OU
- Bulk upload of thick client application credentials
- Administrative configuration editor and credential manager
- Auditing and logging of login activity
Key Benefits
- SSO for all applications from a single IdP
- Increase security with strong MFA
- Reduce password-related IT support calls
- Improve productivity for users & the IT team
- Provide a more advanced, consistent user experience to access all apps
- Work with a single partner, no third-party integrator required
How It Works & System Requirements
PortalGuard SSO Concierge is installed on the end user’s system. The end-user will be required to log in to validate their PortalGuard credentials and configure the thick client applications which are available for enabling SSO Concierge.
System Requirements
- Valid PortalGuard credentials
- Valid credentials for any thick client apps that require SSO
- The thick client app has been configured for SSO by the admin
How it Works
Setting Up SSO Concierge:
- The PortalGuard SSO Concierge agent is installed on the end user’s system.
- Each valid SSO application will need a template, which should be configured by the administrator. However, a user can be allowed to create their own private templates if it is allowed in the server policies.
- The user will be required to provide the application credentials during the first login to activate SSO Concierge for any application.
Using SSO Concierge:
1. User logs into Windows using PortalGuard Desktop and an advanced Multi-Factor Authentication method.
2. PortalGuard Desktop validates the user with the domain via the PortalGuard Server.
3. The PortalGuard Server returns a session key for encryption and completes the user sign-in.
4. PortalGuard Desktop initializes PortalGuard SSO Concierge with the session key.
5. PortalGuard SSO Concierge requests permission to access the user’s encrypted Credential Vault where the user’s credentials are securely stored and encrypted.
6. The PortalGuard Server grants access to the user’s personal Credential Vault.
7. When a targeted thick client app is seen by PortalGuard SSO Concierge, template permissions and rules are validated and either prompts the user for additional action (go to step 8); or directly applies the user’s credentials (skip to step 9).
8. The user confirms any additional actions that are required or cancel PortalGuard SSO Concierge. For example, if a user has multiple logins like an admin login and a user log in, they will choose the appropriate one.
9. PortalGuard SSO Concierge applies the user’s personal, securely encrypted, credentials to the targeted thick client application for SSO.
Request a Demo
Interested in learning more about SSO Concierge? Request a demo today!