I'm looking at progressing switching on SSO for our community and an interested in hearing how other Lithium customers have found this affected their Community. Would be great to hear any experiences anyone has had, particularly anyone who went from having an established non-SSO community to then switching SSO on mid-life.
I have a number of assumptions, some of which maybe right and some may be completely wrong, feel free to correct or comment:
I appreciate a number of these will depend on the way we set things up and the capabilities we have to take advantage of SSO down the line eg tying together data sets for more insight, capacity to produce and feed members tailored content. But I'm interested in what opportunities the technical capability of SSO will give us that we didn't really have before, assuming we can pull the required resource and expertise together.
Would love to hear peoples thoughts even if it's just what they found best/worst/most tricky about SSO.
Thanks in advance!
We use SSO for a couple of reasons:
@kgroneman thanks, this is exactly the sort of stuff I wanted to hear was possible.
Aside from the icon you mentioned that employees can see - are staff (or admins) on your community able to see from a community members profile anything that tells you not just if they are a customer, but which customer?
I'm trying to understand to what extent SSO might let us shortcut the current manual authentication processes we have to go through in private with community members in order to help them with account specific issues.
We can't see it from their profile, but it does tell us they are a customer and their user ID/Email along with their SSO id so it's easy to take that info and look them up in our customer database. Not seamless, but it works well enough.
The good thing about SSO is if they do have account issues, we deal with it once and it's done for all applications they interact with.
I also manage a Telligent community site that doesn't have SSO and it's a PITA when we have to deal with their customer accounts as they often use a different ID and email address on that community than we have in our customer support database so we usually have to take extra time to ask them what their accounts are in our other systems and wait for them to respond. That's an issue if what we're dealing with is time sensitive. We also have no way of telling if an account in our Telligent community is a customer or not.
FYI the SSO solution we use is this: https://www.netiq.com/solutions/identity-access-management/single-sign-on.html