This page provides a step-by-step guide to set up Single Sign-On (SSO) for Lansweeper Sites, emphasizing its benefits, compatibility with various identity providers, and the option to combine it with multi-factor authentication.
There are two main ways to log into your Lansweeper Site: using a login/password created in Lansweeper Sites itself or using SSO.
Where possible, using single sign-on (SSO) is recommended, as it has a number of benefits. SSO allows you to centrally manage accounts in a third-party system you're already using. This simplifies management tasks, eliminates the need for each user to have multiple login/password combinations and allows you to enforce your own security policies, among other things. For more information about how to improve security, check out 5 Features of Lansweeper Cloud that Strengthen Security.
Lansweeper Sites supports both OpenID Connect (OIDC) and SAML for setting up SSO. Any identity provider (IdP) that supports at least one of these options is a suitable candidate for use with Sites. Azure Active Directory, Google and Okta are just a few examples of identity providers that you can use to log into your site. SSO can be set up quickly and easily, as explained in the below steps.
email_verified attribute to the Site.
Once you've set up your SSO connection new and existing Lansweeper Site users in your domain should be able to log in by selecting Log in with Single Sign-On. They will be asked for their email address prior to starting the SSO login process.
You can combine SSO either with Sites-configured MFA (Multi-Factor Authentication) or the MFA of your IdP. That way, you can add an extra layer of security to the login process. If you already have MFA set up or enforced in your IdP, it will automatically be part of the Lansweeper Sites SSO login process for your domain users.
You can optionally enforce the use of SSO by all users in your site.
If a user subsequently tries to log into your site with a Sites-created login/password, they will be denied site access. Site owners will still be able to log in using the Sites-created login/password in case of issues with your domain's SSO setup.
Optionally, you can add managers to your SSO connection for redundancy and security purposes. This means you are not dependent on a single person to manage the SSO connection.
Was this post helpful? Select Yes or No below!
Did you have a similar issue and a different solution? Or did you not find the information you needed? Create a post in our Community Forum for your fellow IT Heroes!
More questions? Browse our Quick Tech Solutions.