When it comes to business operations, every enterprise – big or small – values efficiency and security. VtigerCRM, while a robust platform in itself, becomes even more potent when tailored to fit unique needs. Let’s discuss a recent innovation – the Single Sign-On (SSO) capabilities for Vtiger 7x, devised by our team in Peru.
Background:
Pat O’Brien’s team at Boru has worked extensively on an innovative SSO feature for Vtiger 7x. This feature is designed with a simple end goal: Offer enhanced convenience and security to clients.
How it works:
- Clients with corporate accounts on either Google Workspace or Microsoft Office 365 can activate the SSO feature.
- Once activated, the Vtiger login page is modified to incorporate options like “Continue with Google” or “Continue with Microsoft.”
- The user’s authorization is prompted when selecting either of these options. If they are not registered under the relevant domain, the system flags an error. Otherwise, their access is authenticated.
Technicalities Explained:
- The domain a user is attempting to log into via Vtiger must be registered with an app within the respective Google or Microsoft account.
- When the domains align (for instance, the Vtiger domain and user’s domain are both XYZ.com), Vtiger leverages the respective infrastructure – be it Google’s or Microsoft’s – to authenticate the user’s access.
- This process doesn’t involve saving any user passwords on the Vtiger side. Instead, Vtiger receives a confirmation or an “approval success message” from Google or Microsoft, signaling that the authentication was successful.
In-Depth with Tokens:
- There’s a bit of debate regarding the use of authentication tokens. While Jesse believes Vtiger doesn’t store anything beyond an approval message, Anthony from the Microsoft side believes there might be an authentication token in place.
- Anthony further distinguishes between SSO for a single login and an authentication for email scraping, suggesting that the mechanisms might differ.
- Mention is also made of RingCentral’s authentication system, emphasizing that user tokens might have an expiration mechanism, compelling re-authentication over time.
Email Authorization:
- If one is trying to pull emails through platforms like Thunderbird or even Vtiger, a distinct authorization is mandated. This often involves exchanging tokens, which, as seen in some programs, tend to expire.
- The expiration of these tokens can pose challenges, requiring users to frequently re-authorize access.
The Bottom Line:
The SSO feature for Vtiger achieves two primary objectives:
- Enhanced Security: By delegating authentication to giants like Google or Microsoft, users aren’t burdened with the risk of managing multiple logins or passwords.
- Optimized Convenience: If a new user tries accessing Vtiger and isn’t recognized, the system can auto-generate an account for them. Thus, streamlining the onboarding process.
In the evolving world of CRM solutions, it’s these nuanced innovations that empower businesses to operate seamlessly and securely. Vtiger’s tailored solutions are just one example of how technology can be harnessed to serve specific business needs more effectively.
