Contents

Chose your authentication method?

alethea.barlow@oneadvanced.com Updated by alethea.barlow@oneadvanced.com

What is the difference between federated and non-federated? 

Non-federated login (traditional login) 

The classic way of signing in: 

  • you create a username and password specifically for that website or app. 
  • that site stores and manages your login details. 
  • if you forget your password, you reset it through that site. 

Example: You sign up for a healthcare portal and create a new account with your email and a password just for that portal. 

Federated login (single sign-on or SSO) 

This lets you sign in using an existing account from another trusted provider: 

  • you don’t create a new password. 
  • instead, you use something like your Google, Microsoft, or Apple account to log in. 
  • the website trusts the login system of that provider to verify who you are. 

Example: You go to a healthcare portal and click “Sign in with Microsoft.” It uses your work account to log you in without needing a separate password. 

Choosing the right authentication method for you 

When it comes to accessing your account, you have options. Some users prefer the simplicity of a username and password. Others enjoy the convenience of Single Sign-On (SSO). OneAdvanced Identity supports both, so you can choose what works best for you and your organisation. 

The decision between Multi-Factor Authentication (MFA) and Single Sign-On (SSO) depends on your organisation's needs and your employees' preferences.  

If your users already have a federated login account (e.g., with Microsoft Entra or Google Identity), you can enable Single Sign-On to Time and Attendance via OneAdvanced Identity. This provides a seamless experience and eliminates the need for additional login credentials. 

If you prefer a more traditional username and password approach specific to OneAdvanced Identity (non-federated login), we recommend configuring OneAdvanced Identity for Multi-Factor Authentication. This adds an extra layer of security to protect your users' accounts. 

Why OneAdvanced Identity recommends Multi Factor Authentication for users? 

Employee and company data needs to be protected. In the past, usernames and passwords were enough to ensure data security. As cybercrime becomes more sophisticated and pervasive, this is no longer enough.  

How MFA works 

In the past, security depended on what a user knew (username and password). With Multi Factor Authentication, security is driven by what a user has (authentication device). This makes it much harder for criminals to gain access to the system and the sensitive data it holds.  

Alternative biometric security for employees 

For employees logging into Time and Attendance that only have access to their own data, you may prefer for them to use a username and password and biometric security inbuilt to a mobile device, instead of Multi Factor Authentication. This approach would simplify their login experience without putting sensitive information about other employees at risk. 

Was this article useful?

Introduction to Identity

Managing multiple access needs

Contact