SaaS - Authentication modes

User access

Should the software use SSO or MFA?

As a general rule, If it needs a login, it needs Single Sign On (SSO) /Multi-Factor Authentication (MFA).

Please check with the vendor if they support Multi-Factor Authentication and/or Single Sign On as a method of authenticating user access to the software.

If the vendor does not support Single Sign On (SSO) or provide Multi-Factor Authentication (MFA), AND we are sharing LU data directly with the vendor, then we would not be able to use this software. Alternative solutions will need to be considered. 

Depending on the type of authentication offered by the vendor, this will implemented during Stage 5 of the Software Risk Assessment process, the Implementation stage. 

Question to ask vendor

  1. We require SP initiated SAML v2 single sign-on using a SHA256 2048 bit (minimum) certificate and any data we return will be encrypted using your certificate. Please confirm you can support this? 

Quick links