Enhance your security with Single Sign-On (SSO) and prepare for Multi-Factor Authentication (MFA)
Learn about improving your security with SSO, Client credentials , and MFA sign ons.
As part of our ongoing commitment to providing our customers with the highest level of security, we are excited to share important updates about the steps we are taking to further safeguard your Reltio accounts. We strongly encourage all customers to implement Single Sign-On (SSO), prepare for the upcoming Multi-Factor Authentication (MFA) capabilities, and migrate service users to client credentials.
Why Single Sign-On (SSO)?
Implementing SSO with your enterprise identity provider (IDP) is an industry-standard best practice for enhancing the security and efficiency of your user management. By integrating with your IDPs via Security Assertion Markup Language (SAML) or OpenID Connect (OIDC), SSO offers numerous benefits:
- Streamlined access: Users can access multiple applications without needing to log in separately to each one.
- Reduced password fatigue: With fewer passwords to remember, users are less likely to resort to insecure password practices.
- Improved user productivity: Users spend less time logging in and more time on productive tasks.
- Centralized security controls: IT administrators can manage access policies and monitor authentication activities from a single platform.
How to Implement SSO
We support SSO integration via SAML and OIDC. To help you get started, we have prepared comprehensive guides for each method:
These guides provide step-by-step instructions on seamlessly integrating your IDPs with Reltio.
Preparing for Multi-Factor Authentication (MFA)
Reltio will require MFA for non-SSO users (users who cannot use SSO) by November 4, 2024. Customers choosing not to leverage SSO will be able to use Reltio MFA (Google Authenticator, Microsoft Authenticator, etc.), which will be available by September 16, 2024. Email-based MFA will be available shortly after.
Key dates:
- September 16, 2024: MFA becomes available for all users, who can begin enrolling in their preferred authenticator apps.
- November 4, 2024: MFA enforcement begins. Users without MFA will receive Time-Based One-Time Passwords (TOTPs) via email until they enroll in an authenticator app.
Managing Service Accounts
All customers must adopt client credentials and stop using username/password for API access immediately. Reltio will disallow API access using username/password by November 4, 2024. Client credentials are required for any integration or API usage with Reltio. Client credentials authentication is the secure, standards-compliant method to access Reltio’s platform, which provides granular control and audit trails for services. For more information, see topic Guide to Creating Client Credentials.
Next Steps
- Implement SSO: Use the provided guides to integrate SSO for your users and tenants.
- Prepare for MFA: Be ready for MFA if SSO is partially or not implemented. In other words, if you don’t enable SSO to all your users, your non-SSO users will have to enroll in MFA.
- Migrate Service Accounts: Transition service accounts to client credentials to maintain uninterrupted automated processes.
Support and Resources
We understand that changes to your login process may require adjustment. We are working on additional documentation and resources for you.
If you have any questions, please read our FAQ. Otherwise contact your preferred partner or us, see topic Need some help?.