Blog

How to add Single-Sign-On to your Vaadin application

By  
Luis Lundstedt
Luis Lundstedt
·
On Apr 13, 2023 5:42:34 PM
·
In Product

According to our recent community survey, nearly 75% of Vaadin users store their users' login credentials in their own database. While this may seem like the best way to keep control of your data and business processes, it can hurt your application's user experience and overall security. Integrating single-sign-on (SSO) can help you provide a seamless user experience while improving the security and access management in your company.

If you're looking for ways to enhance your application's security and streamline your user authentication process, consider incorporating SSO into your development strategy.

Why should you use an SSO for your business application(s)?

Better user experience

Your users won’t have to worry about remembering their password for every application. Instead, they can use the same credentials that your company is already using, such as Microsoft or Google. Besides, they can get a seamless experience moving through different applications without having to log in every time.

Higher security

Reducing the need to remember several passwords for every application means your users can have a single stronger password and benefit from implementing other security measures like two-factor authentication (2FA) or multi-factor authentication (MFA). 

Some organizations require strict access controls, which mandate that users must log out of all current sessions after a certain period or after using an application. Single sign-on (SSO) can help ensure that global logout, password requirements, and other security aspects are consistently enforced across all systems and applications.

More control

Another advantage of SSO is that you keep full control of your users’ access to your application(s) in a single place. These can be removed or modified at any time directly from your chosen SSO provider.

Vaadin’s SSO Kit is here to help

Almost every application needs access management in place. We realized we could provide a lot of value to our users by reducing the effort (and time) needed to implement and maintain these. For this reason, we created the SSO Kit, a solution to easily and reliably set up login in your Vaadin applications with one of the supported SSO providers.

The Vaadin SSO Kit supports the OpenID Connect (OIDC) protocol standard, which is built on top of OAuth 2.0 and uses the Spring Security framework to help you easily configure a role-based authorization for your users. Currently, the SSO Kit officially supports Azure Active Directory (Azure AD), Okta, and Keycloak, though support for more SSO providers is coming. 

Our SSO Kit is compatible with Vaadin Flow 23.3+ (including V24) and also with Hilla 2.0.

What’s next for the Vaadin SSO Kit?

We are currently exploring the possibility of expanding the Vaadin SSO Kit to include support for new providers such as Google and Amazon Cognito. Additionally, we are actively working on several other exciting improvements to enhance its developer experience. These include the development of client-side helpers to simplify configuration for Hilla and UX enhancements that provide immediate feedback when a user is logged out for Vaadin Flow.

How to get started

Adding the SSO Kit into your Vaadin application as a dependency in your pom.xml file is a simple: 

<dependency>
  <groupId>com.vaadin</groupId>
  <artifactId>sso-kit-starter</artifactId>
</dependency>

It will stay updated in your project along with your Vaadin version. After adding just a few lines to application properties to configure your preferred SSO provider, you can then secure views by annotating your view classes. Head over to our documentation to learn more about how the SSO Kit works in Vaadin Flow applications. 

Building an app with Hilla? The SSO Kit is now also available for Hilla 2. See documentation!

Ready to enhance the security and user experience of your Vaadin project with single-sign-on? Request a free trial of the SSO Kit today!

Request a trial
Luis Lundstedt
Luis Lundstedt
Luis works as a Product Manager at Vaadin. He's now focused on improving the user experience and onboarding and is contributing to making the Vaadin Design System the most accessible and best possible.
Other posts by Luis Lundstedt