SSO for the Ubiq Dashboard
Ubiq supports Single Sign-On (SSO) for secure, centralized access to the Ubiq Dashboard. By integrating with your existing Identity Provider (e.g., Okta, Entra ID, Google Workspace), SSO ensures every login follows your organization’s MFA, access, and session policies, eliminating separate credentials and strengthening Zero Trust alignment across your identity and data layers.
Overview
Single Sign-On (SSO) allows users to securely access the Ubiq Dashboard (UI) using their organization’s existing Identity Provider (IdP) credentials (such as Okta, Microsoft Entra ID, or Google Workspace) instead of a separate Ubiq username and password.
When SSO is enabled, authentication is centralized under your corporate identity system, ensuring every login to Ubiq follows the same access policies, multi-factor requirements, and conditional access controls already enforced across your organization.
Why It Matters
SSO is not just a convenience feature, it’s a core component of Zero Trust security. By delegating authentication to your IdP, you:
- Eliminate credential sprawl Users no longer maintain a separate password for Ubiq, reducing password reuse and potential credential exposure.
- Enforce consistent access controls Every Ubiq session inherits your organization’s identity policies — including MFA, device posture, location restrictions, and session duration limits.
- Automate onboarding and offboarding When a user joins or leaves your organization, their Ubiq access automatically follows their IdP status. This removes the need for manual account provisioning and reduces the risk of orphaned accounts.
- Centralize auditability All authentication events are logged in your IdP, providing unified visibility across all applications, including Ubiq. This supports compliance efforts such as SOC 2, ISO 27001, PCI DSS, and GDPR.
Security Benefits
Integrating SSO with Ubiq strengthens both identity assurance and data protection layers:
- Stronger Identity Assurance Authentication is handled by your trusted IdP, which likely supports adaptive risk analysis, phishing-resistant MFA (e.g., FIDO2), and centralized credential policies.
- Reduced Attack Surface No Ubiq-managed passwords means fewer targets for brute-force or credential-stuffing attacks. Compromised credentials in one system can’t be reused in Ubiq.
- Streamlined Compliance Centralized access control simplifies access certification, audit reporting, and identity governance workflows, helping demonstrate control over who can manage your cryptographic and key management controls.
Relationship to IdP and SCIM Integrations
SSO controls authentication, confirming who the user is when accessing the Ubiq UI.
The IdP / SCIM integration controls authorization, defining which users or groups can encrypt, decrypt, or unmask data at the dataset or field level.
Used together, SSO and IdP integration create a fully identity-driven data protection model:
- The IdP authenticates the user.
- SCIM synchronizes their group memberships.
- Ubiq enforces cryptographic policies based on those identities.
Summary
Enabling SSO for Ubiq aligns access to the Policy Manager with your enterprise’s existing security posture. It replaces isolated credentials with centralized, auditable identity control, reducing risk, improving governance, and supporting a unified Zero Trust approach across both identity and data layers.
Updated about 4 hours ago