What is SSO?
Single Sign-On (SSO) is an authentication method that allows users to securely log in to multiple systems and applications with just one set of credentials β including Falcon. Once authenticated, users gain access to other services without needing to re-enter their credentials.
Falcon uses the modern authentication standard OpenID Connect (OIDC) β a protocol based on OAuth 2.0 designed specifically for secure and user-friendly web applications.
Benefits of SSO in Falcon
β Enhanced Security
No need for multiple passwords or manually maintained credentials.
Centralized access rights management via the chosen Identity Provider.
Easy deactivation of access when users change roles or organizations.
π Seamless Access
One login for all connected tools β including Falcon.
Saves time and reduces unnecessary interruptions during the workday.
π οΈ Centralized Management for IT Teams
Identity and access management is handled through the existing Identity Provider.
User access can be managed and audited consistently.
Especially suitable for organizations with scalable IT infrastructures.
How does SSO work in general?
Falcon supports the OpenID Connect (OIDC) standard to integrate with common Identity Providers such as Microsoft Entra ID (formerly Azure AD), Google Workspace, Okta, and many others. The basic process is as follows:
Select "Log in with SSO" on the login screen.
Falcon forwards the request to the registered Identity Provider.
After successful authentication, the provider confirms the identity via OIDC.
Falcon grants access β without requiring a separate password.
However, Falcon must also be registered with the Identity Provider. Instructions for this process can be found in the Help Center.
Requirements for Using SSO in Falcon
To set up and use SSO in Falcon, the following components are required:
An Identity Provider that supports OIDC (e.g., Microsoft Entra ID, Google Workspace, Okta)
An active Enterprise contract with Nordantech
Support from your IT department
Frequently Asked Questions (FAQ)
Is SSO mandatory?
No. Activating SSO is optional and depends on the organization's needs.
Can I use SSO with Falcon Basic or Plus?
No, SSO authentication is only available with the Falcon Enterprise Plan.
Can traditional logins still be used?
Yes β provided your SSO configuration allows it and you choose to permit it. Alternatively, traditional logins can be completely disabled.
Can users use both SSO and traditional logins simultaneously?
No. If a user authenticates via SSO, they are bound to that method.
Does SSO apply to a user and all their hubs?
No β the SSO login applies to a specific hub.
What happens if the Identity Provider is unavailable?
In that case, login via SSO is not possible. An alternative login is not available unless general settings are changed.
β