Single Sign-On (SSO) solutions represent the best standard in identity management. Amid the prevalence of poor password practices, the efficacy of ‘username and password’ has entirely failed as the primary authentication model.
Management of passwords can be an IT nightmare, reducing the effectiveness of departments and increasing service costs. SSO solutions allow administrators to centralize end-user identity management to access any business application using a single set of credentials.
Setting up PeopleSoft SSO
PeopleSoft applications are a key component of a company’s corporate infrastructure, and integrating a corporate SSO into PeopleSoft may pose some challenges. You should always consider the following issues when you test PeopleSoft SSO solutions:
Interaction with PeopleSoft
Organizations must first integrate all applications with a centralized ID provider to execute an SSO solution successfully. SAML, the open federation standard that allows ID providers to communicate with business applications, is used by most popular ID providers such as Microsoft Azure Active Directory, OKTA, etc.
Several off-the-shelf vendors claim to support PeopleSoft. They do not know, however, that SAML is not natively supported by PeopleSoft applications. PeopleSoft apps can be separated from other business applications with a conventional SSO solution. Organizations must ensure that the SAML problem is solved first by their SSO provider. Otherwise, a number of implementation problems can arise (e.g., a bloated budget, schedules, difficulty, etc.).
Need for Customizations
Exclusive to PeopleSoft, most SSO providers need a robust system for customization. Customizations require additional resources and prolong the period of implementation, thus growing responsibility for the project. Even after that, for certain transactions, customized SSO solutions can be unsafe, fragile, lack features, and be prone to troubleshooting problems. In addition, designing and managing a customizable platform requires coding knowledge and PeopleTools experience, a not-so-common combination of skills. Alternatively, customers of PeopleSoft should look for a configurable SSO based on workflows constructed outside of PeopleCode.
Need for External Hardware/Servers
Companies may need to purchase extra hardware in most instances to allow customizations to simulate interaction between PeopleSoft and their respective Identity Provider. It is not feasible to procure fresh technologies (reverse proxy servers) and can result in unexpected budget overruns.
Embedded Links Endorsement
One of the key advantages of an SSO strategy is that it allows users to bypass login using deep connections or embedded links. These links may be sent to a user using a previously authenticated SSO session for a particular transaction. They save time, improve customer loyalty and efficiency. But this feature isn’t provided by many off-the-shelf SSO providers. For usability and interaction, remote access on mobile devices would make deep-link navigation necessary.
PeopleTools Lifecycle Management
The native functionality of PeopleSoft is continually changing, with each image published via the PeopleSoft Update Manager (PUM). Such changes include frequent adjustments to the authentication model, which ensures that a customized approach will require needless change and alteration with each upgrade. The adequate use of customer resources and time, allowing room for increased errors and subsequent troubleshooting, can be adversely affected by continuous maintenance needs.
Switching an ID Provider
Versatility as to when and where they choose to convert IdPs is one of the most important decisions businesses need to make when choosing an SSO solution. Ideally, instead of coded ones, organizations need a configurable SSO. The explanation is that a custom solution will require a full integration framework if a company plans to migrate to a new ID provider. Unlike a configurable SSO that makes a smooth transition, a custom SSO can be tedious and time-consuming.