Frequently Asked Questions (FAQs)

SSOfy offers a secure, no-store authentication server that complies with OAuth2 standards. This means that no sensitive user data or credentials are stored internally. Instead, data is securely queried from the resource server (your API Server) as needed. SSOfy generates and manages access tokens, which should be verified on your backend using middleware. Verification can be performed through JWT or the hybrid approach by API calls to SSOfy.

Startups and enterprises looking for a secure and standard web authentication system can switch to SSOfy with minimal effort on the part of their engineering team.

In a microservice architecture, where a user may need to access multiple services, SSOfy can be especially useful because it allows users to move between services without having to constantly log in and out.
Additionally, SSOfy can be used as a central service for querying user data.

Yes and No.

OAuth2 is a world-class standard for single-sign-on (SSO) implementation. We assume that developers have gone through their own research and evaluated that OAuth2 is the perfect fit for their needs.

OAuth2 is made up of a server application and a client library which redirects users to the server for authorization. Since OAuth2 is a standard, there are a plethora of OAuth2 client libraries for all programming languages available on the internet.

SSOfy as well, offers SDK for various programming languages and frameworks. SDKs are divided into server and client libraries. Server libraries serves data to SSOfy while Client libraries used to access SSOfied login page from client applications.

Not at all.

We knew that companies have strict policies in place when it comes to sharing user information with third-party providers. With SSOfy, all data lives in your own database. Authentications will also be handled by your own backend servers.

SSOfy adds another authentication layer powered by OAuth2 and forwards the credentials to your own backend for the rest of the process.

SSOfy requests information from your server in order to display the user's name, and it anticipates the bare minimum of data to be shown to the user or to you in the dashboard. It is entirely up to you whether to utilize all or some features provided by SSOfy. SSOfy is a highly secure automated proxy software which doesn't monitor or store the data.

This is SSOfy’s part to generate, keep, refresh, invalidate, expire, and link tokens with user sessions. Our mission is to get the burden off the shoulders of developers and companies with the complexities of the development and maintenance of an OAuth2 server.

For user registrations you may choose to use SSOfy's built-in registration page or just set a link to your own registration page or modify the login page's HTML (handlebar) codes to embed your own registration.
SSOfy also offers a convenient "Forgot Password" feature for users who may have forgotten their account credentials. This feature allows users to easily reset their password using their username, registered email, or phone number(via SMS) and also support OTP verification for added security.

Since some websites have no registration pages, SSOfy offers 100% flexibility with your design decisions.

Yes.

SSOfy can generate JWT/JWS token with the algorithm of your choice.

Additionally, SSOfy's hybrid model has built with verify->cache->invalidate idea in mind, allowing you to take advantage of our unique single-sign-out (SLO) feature.

Yes, you can configure SSO on your own domain. You may also configure as many alternative domains as you want.

You can see a list of active sessions and users, together with useful information about them, and you can log them out at any time.

Of course!

Upgraded plans include full theme personalisation. Within the editor page, you can modify "handlebar" files and see a live change preview.

With the free plan, you can still customize the color scheme, edit links, and choose the visibility of items on the page.

Yes, you can customize texts for a variety of languages supported by SSOfy.

Your question is not listed? Don't hesitate to get in touch with us!


ssofyFAQ
At our core, we believe that staying up-to-date with the latest trends and advancements in Authentication and related areas is essential. That's why we take great pride in keeping you informed with the latest insights, updates, and news in this rapidly evolving landscape.


Do you need support?
SSOfy is by Cubelet Ltd.
Copyright © 2024 Cubelet Ltd. All rights reserved.