The page has been translated by Gen AI.

Overview

Service Overview

SingleID not only allows authorized users to easily access information assets with a single authentication, but also enhances account security through policy-based permission management and real-time detection of abnormal authentication activities, and provides account management and access structures via comprehensive audit logs.

Features

  • Easy and convenient login and app integration: By establishing a unified authentication system that allows login from On-Premises to SaaS apps with a single ID, you can improve work productivity. Administrators can easily integrate various apps without domain knowledge of authentication by automating connections to diverse global SaaS apps through the ready-made Pre-Built Connector.
  • Account Management Optimization and Security Enhancement: We systematically manage the account lifecycle—from creation to termination—for a diverse range of users, including employees, partners, corporations, and subsidiaries. Additionally, we grant permissions to authorized users in a timely manner and promptly revoke unnecessary permissions, thereby preventing unauthorized access and strengthening account security.
  • Enhanced Anomaly Detection: By detecting authentication anomalies based on context such as user type, login IP, device information, and access time, security policies can be applied according to the situation to prevent account compromise incidents.
  • Cloud Access Management: It consolidates the access paths of operators/developers accessing public clouds, and implements role‑based temporary‑token console/resource access control to further enhance cloud security in multi‑cloud environments.

Service Architecture Diagram

Diagram
Figure. SingleID diagram

Provided features

SingleID provides the following features.

  • Unified Authentication and Account Management
    • Support for various authentication integration protocols (SAML, OIDC, etc.)
    • Providing a self-service feature for app usage requests and approvals
    • Account synchronization for Salesforce, Workday, etc., and synchronization/management of roles (groups) within accounts
    • Provide a sign‑up/withdrawal feature that can issue accounts to partners, customers, and others who are not employees.
  • Passwordless and Multi-Factor Authentication
    • PC/mobile passwordless authentication and multi-factor authentication (MFA)
    • Provide composite authentication for secondary authentication by integrating with the existing primary authentication environment (MFA-only service use case)
    • Private CA(Certificate Service Authority), a private certificate issuance/management feature, provides certificate-based authentication support (separate Use Case)
      • Authentication methods: SMS, email, mOTP, TOTP, PIN, biometrics, Knox Messenger, Windows Hello, etc
  • Authentication and Account Information Integration
    • Automating app integration via Pre-Built Connector
    • Simplifying custom app integration through DIY integration templates
  • Risk-Based Authentication Anomaly Detection
    • Context-based access control according to authentication attempt scenarios
    • Enhancing security through detailed login and authentication policy settings
  • Public Cloud Access Management for Cloud Operators/Developers
    • Console access control via role-based assigned accounts
    • Resource access request/approval and OTP-based credential authentication for resource access

Component

The components of the SingleID service are as follows. Users can access the service through the Samsung Cloud Platform SingleID Console.

  • Access Management
    • Support for various authentication integration protocols (SAML, OIDC, etc.)
    • Provide unified login to internal and external business systems with a single sign‑on.
  • Identity Management
    • Lifecycle management from account creation to decommission
    • Directory integration and synchronization (Active Directory, LDAP, etc.)
  • Multi Factor Authentication
    • PC and mobile simple authentication
    • SMS, email, mOTP, TOTP, PIN, biometric, Knox Messenger, Window Hello, etc., offering various multi-factor authentication methods
  • Anomaly Detection Management
    • Context-based access control according to authentication attempt scenarios
    • Providing adaptive access control through risk analysis
  • Cloud Access Management
    • Enhancing cloud security by unifying access paths for cloud operators/developers
    • Role-based temporary token method for console and resource access control

Provision status by region

SingleID is available in the environments below.

RegionProvision status
Korea West (kr-west1)Provided
Korea East (kr-east1)Not provided
South Korea South 1 (kr-south1)Not provided
South Korea South 2 (kr-south2)Not provided
South Korea South 3 (kr-south3)Not provided
Table. SingleID regional availability status

Prior Service

SingleID has no prior service.

Release Note
How-to guides