Single Sign On

Learn how SSO is used in Serenity Connect to simplify user access and enhance security

Single Sign-On (SSO) in Serenity Connect simplifies user access to our elder care communication platform. SSO allows users to sign in once and access multiple connected services without re-entering their credentials. In Serenity Connect, we've implemented SSO using a HIPAA-compliant infrastructure provided by Amazon Web Services (AWS) and adhering to security best practices.

What is SSO?

Single Sign-On (SSO) is a user authentication process that enables access to multiple applications with a single set of login credentials. It streamlines the login experience, improving security and convenience for our users.

How SSO works in Serenity Connect

  1. User Access: When users visit Serenity Connect, they are presented with a login page.

  2. Authentication: Upon entering their credentials, Serenity Connect leverages AWS's HIPAA-compliant infrastructure to verify the user's identity securely.

  3. OAuth and PKCE: We utilize OAuth, a robust industry-standard protocol, and PKCE (Proof Key for Code Exchange) to ensure secure authentication. PKCE enhances security by protecting against authorization code interception attacks.

  4. Protection against CSRF: To safeguard against cross-site request forgery (CSRF) attacks, we incorporate a custom state parameter in our SSO sign-in flow. This additional layer of security helps protect our users' data.
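The PKCE and state checks from steps 3 and 4, as an added example that is not Serenity Connect's own code. The function names are hypothetical, and the S256 challenge method (RFC 7636) is an assumption, since the page does not say which method is used.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Optional


def _b64url(raw: bytes) -> str:
    # RFC 7636 uses base64url without '=' padding.
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def code_challenge_s256(verifier: str) -> str:
    # code_challenge = BASE64URL(SHA256(ASCII(code_verifier)))
    return _b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def start_sign_in() -> dict:
    """Client: create fresh per-attempt secrets before redirecting to login."""
    verifier = _b64url(secrets.token_bytes(32))  # 43 chars; RFC 7636 allows 43-128
    state = _b64url(secrets.token_bytes(16))     # unguessable, bound to this session
    return {
        # Stays with the client; the verifier never appears in the redirect.
        "session": {"state": state, "code_verifier": verifier},
        # Sent in the authorization request; only the hash of the verifier leaves.
        "authorize_params": {
            "response_type": "code",
            "state": state,
            "code_challenge": code_challenge_s256(verifier),
            "code_challenge_method": "S256",
        },
    }


def accept_callback(session: dict, returned_state: Optional[str]) -> bool:
    """Client: drop any callback whose state is missing or not ours (CSRF check)."""
    if not returned_state:
        return False
    return hmac.compare_digest(session["state"].encode(), returned_state.encode())


def server_verifies_pkce(stored_challenge: str, presented_verifier: str) -> bool:
    """Authorization server, token request: an intercepted code is useless
    without the verifier that hashes to the challenge stored with that code."""
    try:
        recomputed = code_challenge_s256(presented_verifier)
    except UnicodeEncodeError:
        return False  # verifier must be ASCII
    return hmac.compare_digest(stored_challenge.encode(), recomputed.encode())
```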

Benefits of SSO in Serenity Connect

  • Convenience: Users only need to remember one set of credentials for multiple services, reducing password fatigue.

  • Security: Our implementation of OAuth, PKCE, and custom state parameters enhances security and protects user data.

  • HIPAA Compliance: Serenity Connect operates within an AWS HIPAA-compliant infrastructure, ensuring the confidentiality and integrity of healthcare data.
