Security with Single Sign-On (SSO)

Take the first step in enhanced sign-on security with a smooth user experience. Our software’s authentication system connects numerous identity services to simplify your user’s sign-in experience.

Single Sign-On cloud concept

Single Sign-On Benefits

Tight on Security

Most people use the same passwords for personal and work accounts, increasing breach risks.

Simplified Support

Reduce reliance and support issues stemming from third-party integrations and authentication issues.

Reduce Password Fatigue

Never forget a password again or lose time spent re-entering passwords for the same identity.

Increase User Adoption

Single Sign-On saves each individual up to 20 seconds each time they access the software.

Common Enterprise Connections

JustFOIA Single Sign On Process
  • Azure Active Directory
  • Active Directory Federation Services (ADFS)
  • Active Directory / Lightweight Directory Access Protocol (LDAP )
  • Google Workspace (formerly G-Suite or Google Apps) 
  • Open ID Connect 
    SAML (Security Assertion Markup Language)
  • PingFederate

Let's get technical and dig a little deeper

You've got questions. We've got answers.

There is no defined limit to the number of users that can be created or active.  Our subscription pricing scales with your organization’s size, and the SSO/Active Directory add-on is an additional percentage.

Your identity provider e.g., Azure Active Directory or ADFS,  will send your email address, often referred to as an email claim to  JustFOIA as part of the log-in process when that email address matches an existing user. If no user is found, a new user is automatically created with the email address, if the new user’s email address exists and authenticates via the identity provider. First and last name claims are also added to new users when they’re provided. New users are created as view only, which is the most restricted role. Your site administrator can adjust the user roles and permissions once the user is created.

Currently, JustFOIA does not map or sync user groups in the system. All new users that log in via the SSO provider will be created within JustFOIA automatically as a viewer role with the standard viewer role permissions set. The viewer role has the least access of the four user roles available – administrator, power user, user, and viewer. It’s the securest way for the initial creation and automatic log-in.

Not all users in the system need authentication with your SSO provider. You may have users that pre-existed before your SSO connection was configured. The user administration page will all you to manage pre-existing users. In addition, stop the automatic redirection to your SSO provider and reach the manual log-in page by using a specific URL. To ensure access if the local network goes down or you are not able to bypass the automatic redirection, customers using an on-premises or closed network SSO connection should bookmark the following URL: “https://<YOUR ORGANIZATION’S NAME>”. We recommend a best practice to create an admin user that does not have SSO-enabled for just this purpose.

JustFOIA does not store any user authentication data. Instead, it makes a call to your identity service every time. When someone leaves the organization, and your internal IT team removes their access from your central identity servicetheir access to JustFOIA is also removed.

Public accounts (your requesters) would access the Public Portalwhich uses a separate authentication system from the JustFOIA user and admin portal.  Public users who navigate to sign onto your internal platform will be stopped at the SSO login prompt because they will not have credentials.

Request More Information About JustFOIA

Fill out this form to request a demo, quote, or more information about JustFOIA. We will respond within one business day. Please note: We do not process records requests for individuals - please contact the agency of record.