What is Single-Sign-On
Single Sign-On (SSO) allows users to authenticate once and gain access to different systems in a centralized way. You can use the SSO tab to configure SSO for user authentication.
The SSO (Single Sign-On) tab in ZPE Cloud allows administrators to configure centralized authentication for users by integrating with external identity providers (IdPs), SAML 2.0-compliant providers and other OIDC-complaint providers. This helps organizations streamline user access and enhance security by enforcing unified identity policies.
To log in to ZPE Cloud via SSO, the SSO configuration must be configured at the ZPE Cloud account and the login steps can be found under How to get Started with ZPE Cloud introduction page.
To log in to devices via SSO, both Nodegrid devices and managed devices must first be enrolled in ZPE Cloud. Once enrolled, SSO allows you to access both the Web UI and console sessions of these devices without needing to re-authenticate. When starting a Web UI session, the authentication page is bypassed, and the Nodegrid Manager session begins immediately. For CLI sessions, the Web UI page briefly appears before the console application opens, allowing you to configure the device without additional authentication. Similarly, when accessing the Web UI of a managed device, the authentication page is skipped, and the device's interface opens directly.
To set up SSO for a device, you need to configure two key components: identity providers and certificates. For more information, see the Configuring Identity Providers and Configuring Certificates for SSO sections.