The Riskonnect platform includes the ability to integrate with your organizations’ centralized user authentication services. In simple terms, this means that your users only login once to the corporate network – no additional login step is needed to access Riskonnect.
- Users who are authenticated within the corporate domain access an intranet link (or access a Force.com URL that requires authentication). In the background, the request is redirected to the Token Generator.
- Invisible to the user, the Token Generator checks the user’s status and account credentials in the corporate directory. It then uses the results of the query to build a token indicating the user’s authentication and authorization status. The token is passed back to the user’s workstation.
- The workstation passes the token to Force.com.
- Force.com passes the token to the authentication proxy, which verifies the token’s validity allowing access to the Riskonnect system.
