Team42 & Mandrake will demonstrate single sign-on (SSO) implementation for AXP's customer and corporate users on Thursday, August 18, 2022. Currently, user onboarding and login is managed through a local database within AXP's ecosystem. This poses security, governance, and scaling issues as the number of internal and customer users grows. The proposed solution is to use Auth0 as an SSO platform, allowing customers to use their own identity providers and corporate users to authenticate with Active Directory. Achievements include integrating Auth0 with AXP's staging environment and setting up landing and logout static pages hosted on AWS. An overview of the solution and demo will be provided.

1. Team42 & Mandrake
SSO Implementation Demo: Thursday, 18 Aug 2022
Syed Imam
DevOps Manager, Product

2. SSO Implementation – Staging and Production
Context
AXP customer and corporate users onboarding and logging in process are managed from the platform
via a local DB within the its ecosystem​.
Problems
• Security/InfoSec
• No password policy (e.g. strength, expiry)​
• MFA Management​
• Governance
• Scaling
• As the both internal operations/support users and customer tenant users grow.
Solution​
• Auth0 SaaS as a SSO platform for choice (for OE)
• Allowing users to sign in via a SSO platform (i.e. Auth0)​
• Allows relevant customer tenant bring their own IdP and thus integrate with existing access
management
• Allows Corporate Operations team access the platform leveraging standard UAM process
and
• Have federated access using corporate AD login
Achievements
• Auth0 and AXP integration in staging
• Corporate AD integration
• Landing and Post Sign-Out static pages with AWS-native hosting solution

3. Solution
Overview

4. Landing/Post-SignOut Static Pages Hosting

5. How SAML Works?

6. Demo In Action ..