BSN.Cloud Authentication Update

Follow Avatar support@brightsign.biz

BSN.Cloud is changing the implementation of its authentication server to be able support Single Sign-On (SSO), Multi-Factor Authentication (MFA), and other standard protocols such as OpenID Connect, OAuth 2.0, and SAML.

We have made the whole process as seamless as possible for all of our customers. This document highlights some of the features and changes our customers may experience from the launch date.

 

Single Sign-On (SSO)

Single Sign-On will be available for all our customers on the launch date. We will initially be supporting Microsoft Entra ID using OIDC only. Other identity providers and protocols will be supported in the future.

 

BrightAuthor:connected

  • On launch, a new version of our BrightAuthor:connected web application will be available and will be fully integrated with our new authentication server
  • A new version of our BrightAuthor:connected desktop application will also be available. We encourage customers who require the desktop application to upgrade as soon as possible
  • Older versions of our BrightAuthor:connected desktop application will continue to work, but with a degraded customer experience around creating and managing users, and resetting passwords.

BSN.Cloud Login

When you log into BSN.Cloud from the web or desktop you will see a new login window:

image-20240919-141136.png

Enter the username and click the “Sign In” button and you will be prompted to enter the password.

image-20240919-142020.png

Enter the password and click the “Sign In” button and you will be logged in.

 

All customers should use the username and password login method described above, immediately after the launch to ensure their existing details, including passwords, are migrated to the new server.

Single Sign-On with Microsoft Entra ID

If customers integrate with Microsoft Entra ID, then the “Microsoft” button can be used to login using SSO.

 

Important! After launch, if the customers' first login is via SSO, their existing password will not be migrated. To revert to using a username and password, navigate to the login screen, select the “Try another way” option, then click “Username and Password”, and then click “Forgot password” and follow the process to create a new password.

Enforcing SSO Logins

If customers require BrightSign to enforce SSO to work with their identity provider, they will need to submit a request via BrightSign support.

Enforced SSO logins will mean that BrightSign no longer manages the passwords and authentication for the customer. Instead all logins and account authentication requests are validated by the customer's identity provider only.

Remote Support Access for Enforced SSO Logins

 

Customers who opt to enforce SSO logins that currently permit BrightSign support staff access to their BSN.Cloud networks, will need to create individual accounts for our support staff in their domains and give them permission to the required networks. This puts customers in full control of who is permitted to access their networks.

 

API Changes

For this initial launch API access will remain fully backwards compatible.

There will be more significant changes coming in the future, and those details will be communicated separately.

 

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Can't find what you're looking for? Try to
Contact support
Powered by Zendesk