Page tree
Skip to end of metadata
Go to start of metadata

This page describes the Enterprise SSO policy.

Policy Description

The Enterprise SSO policy restricts access to the app using the same authentication method configured for the Admin Portal (either built-in authentication or Single Sign-On).

This policy is useful when, for example, an employee's device falls into the wrong hands; the unauthorized individual will not have credentials to log in to Apperian and will therefore be blocked from using the app. Also, if you delete a user's account from Apperian, that user will no longer be able to log in or use any apps protected with the Enterprise SSO policy.
 

The authentication timeout period is configurable and controls Enterprise SSO, Self Updating App, and App Catalog authentication. The default setting is 10 minutes. If you want to modify the authentication timeout period setting for your organization, contact Customer Support.

The User Experience

When a user attempts to open an app with the Enterprise SSO policy applied, Apperian prompts the user to authenticate the same way the user authenticates with the App Catalog. This policy uses the same authentication timeout period used for App Catalog authentication.

The app must be stopped before the clock for the timeout period starts; if the app is running in the background, the timeout period will not expire and the user will not be prompted to authenticate.

If a user is prompted with Apperian's built-in authentication and enables the Remember Me? option when logging in to the App Catalog, Apperian will remember the user's password during authentication and not prompt the user to re-authenticate when opening an app with the Enterprise SSO policy applied.

If your organization is configured for Single Sign-On, then an option to remember a password will be available only if that option is available through your company's authentication server.