It is possible to sign into the Mallcomm CMS using Single Sign-In (SSO) with Google and Microsoft available to sign in for all users.
Depending on your account, you may also have Enterprise SSO configured, restricting your log-in options to your specific provider.
What is SSO?
Single sign-on (SSO) is an authentication scheme that allows users to log in with a single set of credentials—usually a username and password—to access multiple applications.
What are the benefits of SSO?
With SSO, you can enjoy a faster, single-click login process with no other account password to remember. You will also have the ability to view and control which centres and services you are connected to. Additionally, you will have a single account for your CMS, app, and web app, so there is no need to remember multiple logins.
Aside from convenience, it also brings an added layer of security. CMS users can be authenticated using corporate identity management solutions such as Microsoft Active Directory or Okta.
What do you need to know?
The most significant difference will be behind the scenes as we migrate users to a new Mallcomm account. A new centralised place where they can see all of the platforms and apps within the Mallcomm Ecosystem they have access to.
Within the Malcolm account, users can edit their details, request deletion, and set up 2-factor authentication. If users log in while not having access to any properties, they will land on their Mallcomm account page.
The process for adding a CMS user will not change. They will still need to be added to a centre before they can get access. It is also essential to understand that the email they use for SSO login must match the one they have used for their Mallcomm account.
For example, if I am added as a Mallcomm CMS user with the email john.smith@mycompany.com, but my SSO account email is jonathan.smith@mycompany.com, the system will not pick up the accounts the same, and Mallcomm will refuse the login attempt.
CMS users who are not logging in using an Enterprise SSO solution will still be able to use their username and password.
Other differences you may notice
If you have been a client for a while, you may notice several other changes. From the 29th of June, 2022, there will be an update to the login page in both styling and the ability to use SSO. The SSO options available to you will depend on your account setup.
You may also notice that the ‘Edit People’ screen will change. It will no longer be possible to set account passwords manually. Instead, administrators can either ask the user to use the Lost password’ functionality in the app or click on a new ‘Send password’ button, which will trigger the same action.
FAQs
How do I set up an Enterprise SSO system?
We currently support both Microsoft Active Directory and Okta as SSO providers. If you would like more information on setting up enterprise-level SSO, please reach out to our CSM team, who will be able to assist you.
What is 2FA?
With 2-Step Verification (also known as two-factor authentication), you add an extra layer of security to user accounts if a password is stolen. 2FA is supported by the Mallcomm provider for classic email/password logins.
For SSO logins using other providers such as Okta, Azure, Google or Microsoft, the specific provider should have its own mechanism to support 2FA, which you will need to follow.
If you are using the Mallcomm provider, you can set up 2-step verification in your Mallcomm account, and once set up, you’ll sign in to your account in two steps using:
- Something you know, like your password
- Something you have, like your phone
For ease of use, the Mallcomm 2FA system supports phone software authenticator apps such as Google and Microsoft.
Why can’t I edit users?
As we switch to a centralised user profile, only the user themselves will be able to edit and update this data as it is used in multiple applications.
What can I do if I have a user that cannot log in?
First, check that the user has a valid CMS account in the Manage CMS users page. If they do, confirm that the email they are using to log in (either with SSO or email + password) matches what is in their CMS account.
If they do not have a CMS account, add them as a user, and they will receive an invitation.
If both of these steps appear to be OK, reach out to our support team either with the live chat widget or by emailing support@mallcomm.co.uk, and we can take a look. Be sure to include as much information as possible, including your app name and the property you are logging in to.