This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Overview

    Service Overview

    SingleID not only allows authorized users to easily access information assets with one-time authentication, but also strengthens account security through policy-based authority management and real-time abnormal authentication detection, and provides account management and access framework through various history management.

    Features

    • Easy and convenient login and app linking: Building an integrated authentication system that can log in from On-Premises to SaaS apps with one ID can improve work productivity. Administrators can automate linking to various global SaaS apps through prepared Pre-Built Connectors, allowing them to easily link various apps without domain knowledge of authentication.
    • Account Management Efficiency and Security Enhancement: It systematically manages the account lifecycle from creation to deletion for various users, including employees, partner companies, corporations, and subsidiaries. Additionally, it grants permissions to authorized users in a timely manner and revokes unnecessary permissions in a timely manner to prevent unauthorized access and strengthen account security.
    • Enhanced Anomaly Detection: Situation-based authentication anomaly detection through user type, login IP, device information, access time, etc. enables the application of security policies according to the situation, preventing account infringement accidents.
    • Cloud Access Management: Unifies the access path of operators/developers accessing the public cloud and executes role-based temporary token-based console/resource access control to further strengthen cloud security in a multi-cloud environment.

    Service Composition Diagram

    Configuration Diagram
    Figure. SingleID Configuration Diagram

    Provided Features

    SingleID provides the following functions.

    • Integrated Authentication and Account Management
    • Supports various authentication linkage protocols (SAML, OIDC, etc.)
    • Provide self-service features for app usage application and approval
    • Salesforce, Workday etc. account synchronization and role (group) synchronization/management within the account
    • Provides membership registration/withdrawal function that can issue accounts to non-employees, such as partners and customers
    • Passwordless and Multi-Factor Authentication
    • PC/Mobile passwordless authentication and multi-factor authentication (MFA)
    • Existing 1st authentication environment linkage to provide 2nd authentication composite authentication (MFA-only service use case)
    • Support for certificate-based authentication through Private CA (Certificate Services Authority), a private certificate issuance/management function (separate Use Case)
      • Authentication method: SMS, email, mOTP, TOTP, PIN, biometric, Knox Messenger, Window Hello, etc.
    • Authentication and Account Information Linking
    • Automation of app connection through Pre-Built Connector
    • DIY integration template for simplified custom app integration
    • Anomaly Detection based on Risk-based Authentication
    • Context-based access control according to the situation of attempting authentication
    • Enhanced security through detailed login and authentication policy settings
    • Public Cloud Access Management for Cloud Operators/Developers
    • Role-based console access control through assigned accounts
    • Request/Approval of Resource Access Permission and OTP-based Credential Method for Resource Access

    Component

    The components of the SingleID service are as follows. Users can use the service through the Samsung Cloud Platform SingleID Console.

    • Access Management
    • Supports various authentication linkage protocols (SAML, OIDC, etc.)
    • Provide integrated login to in-house and out-of-house work systems through a single login
    • Identity Management
    • Manage lifecycle from account creation to disposal
    • Directory integration and synchronization (Active Directory, LDAP, etc.)
    • Multi Factor Authentication
    • PC and mobile simple authentication
    • SMS, email, mOTP, TOTP, PIN, biometric, Knox Messenger, Window Hello, etc. provide various composite authentication methods
    • Anomaly Detection Management
    • Context-based access control according to the situation of attempting authentication
    • Providing adaptive access control through risk analysis
    • Cloud Access Management
    • Cloud security enhancement through singleization of access paths for cloud operators/developers
    • Role-based temporary token method for console/resource access control

    Regional Provision Status

    SingleID can be provided in the following environments.

    RegionAvailability
    Korea West(kr-west1)Provided
    Korean East(kr-east1)Not provided
    South Korea 1 (kr-south1)Not provided
    South Korea, southern region 2(kr-south2)Not provided
    South Korea, southern region 3(kr-south3)Not provided
    Table. SingleID Region-based Service Status

    Preceding Service

    SingleID has no preceding service.