# Single Sign On Integration Single Sign-On (SSO) Integration in CERTInext allows users to authenticate using their enterprise identity provider, eliminating the need for separate platform credentials and aligning access with corporate identity policies. SSO centralizes authentication while allowing CERTInext to enforce role-based authorization internally. #### Supported Authentication Models CERTInext supports industry-standard authentication protocols, enabling integration with enterprise identity platforms using: * SAML 2.0 * OAuth 2.0 / OpenID Connect This allows organizations to integrate CERTInext with commonly used identity providers such as **Microsoft** (Azure Active Directory) and **Okta**. #### How SSO Works in CERTInext When SSO is enabled: * Users are redirected to the enterprise identity provider for authentication * Identity validation, password policies, and MFA are enforced by the IdP * Upon successful authentication, users are mapped to CERTInext roles and groups * Access is granted based on assigned permissions within CERTInext CERTInext does not store enterprise passwords, reducing credential exposure risk. #### User Lifecycle Management SSO simplifies user lifecycle management by: * Enabling centralized onboarding through the identity provider * Automatically enforcing access removal when users are deactivated at the IdP * Ensuring consistent access policies across applications This reduces administrative overhead and improves security consistency. #### Audit and Compliance All SSO authentication events are logged within CERTInext, including: * Login attempts and outcomes * Identity provider used * User session activity This provides audit-ready visibility and supports compliance with enterprise security and governance requirements. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.certinext.io/documentation/user-roles-and-access-control/single-sign-on-integration.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.