Introducing Single Sign-On in Bytebase
What’s Single Sign-On?
Single Sign-On (SSO) is a user authentication service allowing users to access multiple applications or services with one login credential. There are several benefits to supporting SSO:
- Enhanced security: SSO can improve security by reducing the likelihood of users reusing the same password across multiple applications or services, minimizing the risk of data breaches and unauthorized access.
- Improved user experience: SSO enables users to authenticate just once and then smoothly access all authorized services without re-entering their login credentials.
- Increased flexibility: With support for different authentication protocols, SSO allows organizations to configure different SSO methods for different domains, providing a highly flexible and customizable solution.
Supported Protocols in Bytebase
SSO is typically achieved through standardized authentication protocols such as SAML, LDAP, OAuth, or OpenID Connect (OIDC). Today, Bytebase supports the two most widely used protocols for SSO: OAuth 2.0 and OIDC.
OAuth 2.0, released in 2012 to replace OAuth 1.0, allows services or applications to access accounts on an HTTP service with limited permissions. With OAuth 2.0, user authentication is delegated to the service hosting the user account, and third-party applications are authorized to access that user account without sharing the user’s credentials.
Bytebase integrates the following identity providers supporting OAuth 2.0:
For details information on how to configure SSO using OAuth 2.0, you can refer to the user doc OAuth 2.0.
OpenID Connect (OIDC)
OIDC is an open standard for authentication and authorization that is built on top of OAuth 2.0. It provides a secure and reliable way for users to authenticate to an application using their existing online accounts.
Like OAuth 2.0, OIDC relies on identity providers to authenticate users. These identity providers can be third-party services or self-hosted solutions including:
To learn details about how to configure SSO using OIDC, you can refer to the user doc OpenID Connect (OIDC).
SSO is available in the Enterprise plan, which enables users to authenticate once and then seamlessly access all authorized resources without re-entering their credentials. Bytebase supports using OAuth 2.0 and OIDC for configuring SSO. To get started, you can refer to the doc Single Sign-On (SSO) and try it out by yourself.
If you have any comments or questions, don’t hesitate to let us know. You can join our discord to learn more about Bytebase.