Custom login UI using discovery and template API - SSO

Ubisecure Single Sign-On login screens can be customized so that they integrate visually with the service and use the same language as the service. 

By default, the user is redirected to a login screen hosted at a different address to the application. This discovery screen automatically and dynamically handles the selection and presentation of available authentication methods, logos and localization. An example of this screen is shown below:

The layout of the default screen can be configured using parameters and CSS to look the same as the target applications. Complete control, for example custom javascript events, are not possible due to security reasons. For more information, see Login user interface customization - SSO.

Dynamic identity provider lists are important, as often identity provider change during the lifetime of a target applications. Banks change their names and logos, authentication technology develops, providers are subject to security breaches, new providers come onto the market etc. Changes to the identity provider list, their text and logos should not require any code changes to the target applications. In multi-tenant or distributed applications, centralized configuration is important.

In some cases, typically consumer services, it is desirable to control the identity provider discovery and selection process within the target application itself. This reduces the number of page redirects and typically improves the look and feel of the selection process by using the target application frameworks for display.

Ubisecure SSO provides APIs that allow target applications to query the graphic resources, text resources and currently supported configurations. Typically javascript is used to query and dynamically build a suitable UI based on the current configuration.