What is our primary use case?
We use it for authentication and authorization for our website. We have multiple external and internal websites that we host, so we are using SSO for authenticating and authorizing for all those websites.
It has performed quite well. We have been using it more than 10 years now.
What is most valuable?
for our websites. These features are important because all the sites need authentication for security purposes. That has been handled pretty well all these years with SSO.
How has it helped my organization?
It doesn't take time for us to configure, maybe because we have been using this product for so long. In terms of security rights, a lot are covered under SSO, so we don't actually have to go and do something on the back end.
What needs improvement?
We would like to the OAuth be more stable, more issues being fixed rather than not.
We're pretty happy, but there are some scenarios with the new stuff, like OAuth - where authentication happens from Google, Amazon - in which they're still lagging right now. They're developing it, but we have been using SSO for a long time and Oauth capability was not there, and it recently started this year. So we had a little bit of a question, "Should we still use this product or we should go to another product?" That was the one concern.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
Stability? There have been some issues but over the years but it's pretty stable. The issue we encountered was a whole site going down. But we were able to bring it up.
What do I think about the scalability of the solution?
Scalability is pretty good.
How is customer service and technical support?
They're pretty good on some of the non-issues. There are some delays, however, and they keep on asking for logs or try to delay it, maybe it's stuff they don't know. But in most of the cases they respond pretty quickly.
How was the initial setup?
I wasn't in on the initial setup, but I have been installing a lot of the newer versions. Compared to six, seven years ago, now it is very, very smooth.
What other advice do I have?
I would still not rate it a 10 out of 10 because, like I said, we had some issues with the OAuth here and there. Once those are done right, I think it would be a nine out of 10.
Regarding advice to a colleague who is researching this or a similar solution, it depends on what they are trying to accomplish. Are they going legacy, where you authenticate, versus the newer federation?
But I would recommend SSO as a solution.