SSO Configuration

Single sign-on (SSO) lets your people authenticate to TraceUnified through your own identity provider, so access follows your central directory rather than a separate set of credentials. The portal supports the standard protocols — SAML and OIDC.

Connecting an identity provider

You configure one or more identity providers (IdPs), supplying the details that establish trust between TraceUnified and your IdP — the metadata and signing certificate that let each side verify the other. Supporting multiple IdPs means a more complex organization, or one mid-migration between providers, can be accommodated rather than forced onto a single source.

Attribute mapping

An IdP describes a user with its own attributes, so SSO includes attribute mapping — connecting an IdP attribute to the corresponding field in TraceUnified. This is what ensures a person who signs in through your IdP arrives correctly identified, with the right information attached, rather than as an anonymous authenticated session.

Why SSO matters

SSO centralizes authentication where it belongs: in your identity provider, with your password policies, your multi-factor requirements, and your ability to cut off access in one place. For a regulated organization, that central control over how people prove who they are is a foundational security posture. Combined with user provisioning for account lifecycle and security policies for the rules, SSO completes how your organization governs entry to the platform.