Bored with typing again and again different logins and passwords for each service you have access to? Would you like to add hundreds or thousands of users with different roles to your Matomo (Piwik) at once? Would you like to save time and effort of managing your users while increasing the security in your business? Guess what, Matomo has come up with great features to do just that.
But what is a SSO?
Before introducing you to new Matomo features, let me explain what a SSO is.
SSO is the acronym for Single Sign On. As its name suggests this authentication process allows a user to access multiple applications with one set of login credentials.
Advantages of using a SSO are numerous:
- improving security, for example when an employee is leaving your company, how can you check that all his credentials have been removed?
- reducing employees time-wasters such as having to enter logins/passwords each time.
- providing a centralized database for administrators. They can then easily manage permissions of all employees saving them heaps of time.
- reduces support costs related to authentication / accounts management.
In order to provide SSO options, two Matomo plugins have been developed and are available on the marketplace:
SAML
SAML stands for “Security Assertion Markup Language”, it is a standard in order to exchange authentication and authorization between an identity provider (OneLogin, Okta, Ping Identity, ADFS, Google, Salesforce, SharePoint…) and a service provider.
An identity provider is an online service that authenticates users on the Internet by using security tokens.
Are you wondering if your business or organization is using any of these providers? We recommend to ask your operations team or sysadmin.
At InnoCraft, we developed a plugin in order to allow SSO with SAML for Matomo. It can ensure consistent access control across the enterprise and external providers, potentially reducing support costs related to authentication and accounts management.
The installation process is straightforward. All you need is to get the SAML premium feature from the marketplace. Once installed, you will access the SAML configuration interface through the admin where you can configure various settings:
- SAML Status
- Identity Provider (Entity ID, SSO endpoint info, Public x509 certificate)
- Just-in-time provisioning and Mapping attributes
- Access Synchronization
- Advanced settings
From there you will need to follow our detailed documentation to have it up and running:
https://matomo.org/docs/login-saml/.
Once finished, you will then be able to use SAML to authenticate to your Matomo account:
As all premium features, SAML is eligible to a 30-day period money back guarantee, so do not hesitate to have it a try.
LDAP
LDAP stands for Lightweight Directory Access Protocol. As its names implies LDAP is a directory, hosted on a server, which organizes the data about people in your company.
Thanks to the LDAP plugin, Matomo can be connected to your LDAP infrastructure and then use all its power in order to give each individual an access with different rights according to their needs.
Let’s say that you have 1,000 employees within a company and they all need right now an access to the analytics reports in Matomo with different roles. This is what LDAP can do.
Moreover if your business or organization is already using LDAP, we recommend using the LDAP connector for Matomo for better security, to stop wasting time of your users and sysadmins, and to reduce the costs related to account management.
You understood it well. LDAP is a plugin which saves a LOT of time within an organization. Here is a preview of the settings part:
LDAP has been developed by the Matomo core team and is available as a Free plugin on the marketplace.
If you are surprised by the possibilities that Matomo is offering in terms of plugins, the good news is that many other plugins are waiting for you on the marketplace. Check out our premium marketplace which offers state-of-the-art plugins to get the most out of Matomo.
And if you are a developer feel free to create your own plugin, a detailed documentation is available at: https://developer.matomo.org/guides/getting-started-part-1.
