Welcome

This documentation provides information on how to use the Unit4 Identity Services (U4IDS) for applications in the Unit4 ecosystem. Here you will find useful information about U4IDS features, concepts, protocols, tutorials, implementation specifications and best practices etc.

Introduction

An increasingly important requirement for users in an organization is to be able to log in with the same credentials in all applications they use, sometimes referred to as single sign-on (SSO) or Federated Authentication.

Using the same credentials is, of course, convenient for the users as they do not need to remember and maintain different passwords to be able to do their work in various applications. However, using an organization's existing authentication mechanism is also an important security measure, since user accounts and identities can be maintained in one central place and deactivation or removal of a user here blocks the user's access to all of the systems used by the organization. Previously, application integration with the organization's network domains was a common way to solve this. However, as applications first moved to the web and then out of the networks to the cloud, and access is now done by a wide range of devices, this approach becomes no longer viable.

Internet applications naturally have a much broader attack surface, requiring industry standard security protocols to be applied to protect against illegitimate access. What's more, in-house and statutory policies have put forward new requirements towards secure login, for example requiring multi-factor authentication to be used when logging into systems having personally identifiable information. In summary, fulfilling modern requirements towards identity and secure authentication is more important than ever.