SSO Support

Strise supports SSO authentication via Auth0. With SSO, users can securely log in to Strise using their organization's identity provider, eliminating the need for separate usernames and passwords.

Supported Protocols

• OIDC (OpenID Connect): A modern and widely used protocol for authentication and authorization.
• SAML (Security Assertion Markup Language): A trusted standard for enterprise SSO integrations.

Login Experience

1. Email-Based Redirection: Users entering their email address are automatically redirected to their organization’s login portal if their domain is configured for SSO.
2. Microsoft and Google Login: We also support login buttons for Microsoft and Google accounts for organizations using these providers.

Users from configured domains will see a login experience tailored to their SSO provider, without needing to enter a password on Strise’s login page.

SSO Login Flow

The following diagram illustrates the login process:

• Identifier First: Users start by entering their email address. Based on the email domain, Home Realm Discovery identifies the appropriate identity provider.
• Password or Passwordless: Depending on the setup, users are prompted to either enter their password or proceed with passwordless login.
• Multi-Factor Authentication (MFA): If enabled, users will need to verify their identity with an additional authentication step.

This process ensures secure access tailored to the organization’s identity provider settings.

API Authentication

Our APIs utilize JWT (JSON Web Tokens) for secure authentication. These tokens are:

• Compact and self-contained.
• Used to verify user identity and permissions for API requests.