Mastering Single Sign-On (SSO) for Embedded BI Authentication

In today’s digital age, we are overwhelmed with numerous online accounts and passwords that can be quite challenging to manage. The introduction of single sign-on (SSO) has simplified the login process for users and enhanced security by minimizing password-related vulnerabilities. Bold BI supports SSO authentication. You can embed Bold BI dashboards in your application with SSO authentication. SSO streamlines the user experience in embedded BI by enabling users to switch among various business apps without having to log in again. In this blog post, we will explore the concept of SSO, some of its benefits, and what Bold BI offers regarding SSO integration.

What Is Single Sign-On?

SSO is an authentication technique that enables users to access numerous applications or systems with a single login credential. It enables users to log in once and access all approved apps and services, removing the need for users to remember numerous usernames and passwords. This streamlines the login procedure, improves the user experience, and increases security by minimizing the dangers of weak or repeated passwords.

Benefits of Implementing SSO

Here are some of the ways SSO can benefit an organization.

Increased convenience

With SSO, users can use embedded BI without remembering and entering several login credentials. Particularly for users who often utilize multiple applications, this can be convenient and save time.

Improved security

By setting up SSO for your company’s apps, you can enforce the creation of strong passwords. Having one set of credentials to use keeps employees from using weak passwords that are easier to remember, and therefore security risks. Since people tend to use the same password for multiple apps, a hacker gaining access to one through the app with the weakest security gives them access to all the other apps. With SSO, one strong password goes through an app designed for high security, giving employees access to all their business apps, without giving those apps access to that password. Additionally, SSO can make it simpler to provision and deprovision users, facilitating access control for sensitive data.

Better user experience

SSO enables users to open several applications without logging in again, resulting in a smooth user experience. Users can be more productive and have less frustrations as a result. Your IT team will also see fewer requests for help with lost passwords.

Improved adoption of BI

SSO can facilitate user access to embedded BI applications, resulting in a rise in adoption and use of these programs. Better insights and more well-informed decisions may result throughout the organization.

Setting Up SSO with Different Login Providers in Bold BI

Bold BI’s SSO integration can simplify your authentication process and provide you with seamless access to your data. The following are the supported SSO login providers.

Azure Active Directory

SSO with Azure Active Directory in Bold BI allows users to seamlessly access dashboards using their existing Azure AD credentials. To configure SSO, create an Azure AD app, grant necessary permissions, and configure Bold BI settings accordingly. Check out this documentation on the steps to set up Azure Active Directory for SSO authentication in Bold BI.

Office 365

Bold BI for the cloud supports adding Office 365 users and groups to share dashboards and email reports with in embedded applications. This documentation explains how to configure SSO with Office 365 support.

OpenID Connect protocol-based providers

OpenID Connect can be enabled for SSO and imported into Bold BI for authentication by integrating SSO with an identity provider that supports OpenID Connect (OIDC). Auth0, Okta, OneLogin, Keycloak, and RedHat are supported OIDC providers. To learn more about OpenID Connect support, check out this documentation.

OAuth 2.0 protocol-based providers

Configuring Bold BI to enable OAuth 2.0 for SSO allows users to log in instantly after authenticating with OAuth 2.0. Any OAuth 2.0 provider can be used. Learn more about configuring SSO with OAuth in this documentation.

Bold BI allows you to embed dashboards and data sources with SSO authentication.

Embedding Dashboards with SSO

Bold BI offers the ability to integrate dashboards into any application through iframe-based embedding. The following steps discuss the process of using iframe-based embedding with SSO.

Prerequisites

Before starting the embedding process, you need these prerequisites to run the sample. You should either have an active Bold BI for cloud tenant or have the latest Bold BI Enterprise Edition installed in your server.

Steps to run the sample

1.Download the iframe embedding SSO sample.

2.Set the following embed properties in the Program.cs file.

In the Bold BI server, you can get an embed secret key to enable the embed SSO authentication from the administrator settings section.

3.In the cs file, set the URL of the dashboard that you want to render in the variable dashboardUrl. Please follow this link to see how to get the dashboard URL.

How the iframe embedding SSO sample works

4.For SSO authentication while embedding, the secretcode parameter is added to the encryption to generate an encrypted signature.

5.Based on the provided embed properties, we include the iframe URL with its mandatory parameters while sending a request to the Bold BI server and running the sample.

6.The server then identifies the encrypted signature and decrypts it server-side. Then, it is authenticated and the dashboard is allowed to render.

7.The embedded dashboard will be rendered as shown in the following image.

In iframe embedding without SSO authentication, we won’t pass the embedsignature to the server. For this case, we need to log in each time while accessing the sample.

We can also embed data sources in any application using the iframe-based embedding in Bold BI. We can embed data sources without a login prompt while trying to embed using an iframe URL with a valid embedSignature, as explained in this documentation.

I hope this article has shed some light on SSO, its support in Bold BI, and some of the benefits when used in a business environment.