Security
      Back to home
      1. Knowledge base
      2. Security

      Auth0 platform and configuring a new Single Sign-On (SSO)

      In this article, you'll learn more about the advantages of Auth0 platform and SSO authentication process.

      • What is Auth0?

      The Auth0 identity platform is the software Enverus uses to add sophisticated authentication and authorization to our applications. 

      We're able to centralize and manage users from multiple identity providers and give them branded, seamless signup and login experiences.

      We can control access with a degree of customization that can accommodate even the most complex security requirements.

      Among other things, this software allows us to set stringent password requirements and other password controls such as reset time periods. And, it allows us to enable Multi-Factor Authentication (MFA) to help prevent security breaches and password sharing.

      • Why this change?
      We are planning to migrate our authentication provider from Amazon Cognito to Auth0. This decision is driven by several factors:
      1. Integration with Enverus Applications: Auth0 provides a more streamlined and efficient integration process with other Enverus applications. This will allow us to unify our authentication process across all our applications, providing a more seamless user experience.
      2. Increased Security: Auth0 is renowned for its robust security measures. It offers features like anomaly detection, multifactor authentication, and breached password detection, which can significantly enhance the security of our applications.
      3. Customization and Flexibility: Auth0 offers a high degree of customization and flexibility, allowing us to tailor the authentication process to our specific needs. This includes custom login pages and more.
      4. Scalability: Auth0 is designed to handle a large number of users, making it a suitable choice as we plan for future growth.
      5. Compliance: Auth0 complies with various standards and regulations such as GDPR, HIPAA, and SOC 2, ensuring that our applications meet necessary compliance requirements.
        • What is SSO?

        Single Sign-on or "SSO" for short is an authentication scheme within the Auth0 platform that allows a user to log in with a single ID to any of several related, yet independent, software systems.

        Think about all the different Enverus products we have and the simplicity of using one login to access them all versus having to use a different username/password for each!

        True single sign-on allows the user to log in once and access services without re-entering authentication factors. (i.e. You login once to the Enverus Gallery and can access many different applications and systems without retyping your creds.)

          • What happens next?
          Once we have received confirmation to use the SSO platform provided by Enverus, the Enverus Auth0 team will take care of the bulk of the migration and will contact you via email in case more information is necessary.
          During this transition phase, you will continue to use your current SSO setup. This means that there will be no immediate changes to how you access our application.
          Once the migration to Auth0 is complete, you will then need to access our application using the new SSO configuration with Auth0.
          If you prefer to switch to an email and password authentication method, you will receive an email from the RatedPower team with more information about the next steps.
           We believe this approach will allow for a seamless transition while maintaining the security and integrity of our application.