Single Sign-On (SSO) for Members

Membership organisations typically have a range of online systems available to their members. Together these systems deliver the online experience that members expect and help deliver member satisfaction and retention.

A major issue for members is when these systems are presented as disparate systems, with separate logins and passwords. This can cause confusion and doesn’t provide the joined-up experience that members expect from a leading membership body.

A key way to address this issue is to provide a Single Sign-On (SSO) Solution, where a common login experience is provided for all systems with a single username and password. As a result, members can login once and then move seamlessly between the different online systems.

By separating the sign-in process (identity management) from the underlying systems, we also gain an advantage of ensuring new systems can be added/changed, without impacting how a member can login. No more writing to members to let them know they need to select a new username and password.

Another advantage of a best-in-class SSO solution is to allow members the convenience of signing in with their social media account, e.g. Linked In, Microsoft Live, Google, Facebook.

This blog looks in more detail at the types of systems that could be joined up with a Single Sign-On Solution and how Microsoft’s Azure B2C solution that we deploy with Subscribe360 might be the perfect fit for your organisation.

Typical Online Membership Systems

The typical online systems that member organisations may deploy include:

  • Member portal, e.g. Subscribe360 with PowerApps Portal
  • Website powered by CMS, e.g. SiteCore
  • Learning Management System (LMS), e.g. Moodle
  • Continuing Professional Development (CPD) Platform
  • E-Commerce Platform, e.g. Magento
  • Ticketing or Events & Conference System, e.g. Nutickets

A key consideration when selecting these specialist platforms should be whether they support industry-standard Single Sign-On solutions as standard. If they do, then the parties implementing these solutions can use industry standards to provide that joined up login experience for members.

Not only can this provide a joined-up login process, but registration and password reminder services can also be centralised, reducing setup and maintenance costs.

Microsoft Azure B2C

Microsoft Azure B2C (Business to Consumer) is our recommended Single Sign-On Identity Provider for Subscribe360 and membership organisations. Azure B2C is Microsoft’s cloud-based Single Sign-On solution.

Azure B2C is designed to ensure that the list of user (member) accounts is held separately from the main Azure Active Directory that is used to control access to Microsoft 365 services. So Azure AD is used to identify staff and guests that require access to corporate resources. In addition, Azure B2C provides identity management for customers, e.g. members, that require access to member services.

As a Microsoft product, built to industry standards and available in the Microsoft cloud, it is a good starting point for a single sign-on solution. This is further underpinned by Microsoft’s licensing strategy, which means is it free for the first 50,000 active users per month. However, even beyond these usage levels, the costs are very reasonable.

Azure B2C integrates as standard with Power Apps Portals which powers the Subscribe360 member portal. This, in turn, integrates with Dynamics 365, allowing users to register online and automatically link their new Azure B2C account with a matching member record in Dynamics 365/Subscribe360. So, when a member uses the portal for the first time, the system will automatically link the login to their member account in CRM.

Branding

Microsoft Azure B2C can be fully branded to ensure that the look and feel will be in line with corporate standards, as illustrated in the examples provided below.

Processes Supported by SSO

The processes that Azure B2C and Single Sign-On Solutions typically support are:

  • Registration & Sign Up: Registration forms can be quickly set up with customisable fields and labels:

  • Sign In: Sign In forms are clear and simple, and if required, can support login via Linked In, Facebook and other leading social media networks:

     
  • Password Reminder: A self-service password reminder service is available as standard:

     
  • One-Click Logout: A logout URL can be recorded for each application ensuring the member/non-member is signed out of all systems with one click.
  • Claims: Custom attributes can be added to Azure B2C and passed to the relevant systems at login, e.g. Member Status, Member Grade.

Integration with Other Platforms

As Azure B2C is built on industry standards and is a Microsoft product, a wide range of other systems will seamlessly integrate with this out of the box. For example, open-source learning management products such as Moodle have a connector that requires minimal configuration.

Providing the convenience of an industry-standard single sign-on experience is a key component of providing a world-class online experience for members. It also allows a membership body to separate member identify management from the underlying systems that support the overall membership solution.

We recommend the deployment of Azure B2C with Subscribe360 to provide a cost-effective Single Sign-On Solution for members. Please Contact Us for more information on Subscribe360 and the Single Sign-on for members.