You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: website/docs/feature-flag-tutorials/use-cases/security-compliance.md
+4-8
Original file line number
Diff line number
Diff line change
@@ -42,19 +42,15 @@ Your developers and other stakeholders need to securely access platforms used to
42
42
43
43
To use single sign-on in Unleash, your users can authenticate themselves through OpenID Connect (OIDC) or SAML 2.0 protocols.
44
44
45
-
We have integration guides to connect Unleash to enterprise identity providers like Okta, Microsoft Entra ID, and Keycloak, but you can use any identity provider that uses OIDC or SAML 2.0 protocol. For a step-by-step guide, read our [how-to guide for single sign-on](/how-to/sso).
45
+
We have integration guides to connect Unleash to enterprise identity providers like Okta, Microsoft Entra ID, and Keycloak, but you can use any identity provider that uses OIDC or SAML 2.0 protocol. Read our [how-to guide for single sign-on](/how-to/sso).
46
46
47
47

48
48
49
-
Another major benefit to using SSO is that when you connect Unleash to your identity provider, you will be able to synchronize your user groups out of the box. That way, your group configuration reflects organizational-level changes automatically. Follow our step-by-step guide to set up [user group syncing](/how-to/how-to-set-up-group-sso-sync). With SSO integration, groups defined in your identity provider are directly mapped to Unleash access groups. This means:
49
+
For larger teams, we [recommend you use SCIM](#use-scim-to-automate-user-management-at-scale) instead of relying solely on SSO because it offers additional flexibility and scalability.
50
50
51
-
- New team members are automatically assigned correct permissions.
52
-
- Organizational restructures are reflected immediately.
53
-
- Consistent access controls are enabled across all enterprise systems.
51
+
By using SSO with Unleash, your organization can prove that every engineer accessing feature flags undergoes a centralized, unified authentication process.
54
52
55
-
By integrating Unleash with these systems, your organization can prove that every engineer accessing feature flags undergoes a centralized, unified authentication process.
56
-
57
-
How do you translate this into something verifiable and auditable for security reviews? What’s great is that every authentication event in Unleash is logged with detailed metadata including timestamp, IP address, and authentication method used, providing audit trails when you undergo security reviews. This shows you have a transparent, auditable system where every access can be traced, logged, and validated. So not only are you meeting compliance standards with authentication controls in place, but Unleash also automatically maintains a record for you that proves it.
53
+
How do you translate this into something verifiable and auditable for security reviews? What’s great is that [every authentication event in Unleash is logged](#leverage-access-logs-for-broader-auditing) with detailed metadata including timestamp, IP address, and authentication method used, providing audit trails when you undergo security reviews. This shows you have a transparent, auditable system where every access can be traced, logged, and validated. So not only are you meeting compliance standards with authentication controls in place, but Unleash also automatically maintains a record for you that proves it.
0 commit comments