Enhance your security with Single Sign-On (SSO) and Multi-Factor Authentication (MFA)

As part of our ongoing commitment to providing our customers with the highest level of security, we are excited to share important updates about the steps we are taking to further safeguard your Reltio accounts. We strongly encourage all customers to implement Single Sign-On (SSO), prepare for the upcoming Multi-Factor Authentication (MFA) capabilities, and migrate service users to client credentials.

Why Single Sign-On?

Implementing SSO with your enterprise identity provider (IDP) is an industry-standard best practice for enhancing the security and efficiency of your user management. By integrating with your IDPs via Security Assertion Markup Language (SAML) or OpenID Connect (OIDC), SSO offers numerous benefits:

  • Streamlined access: Users can access multiple applications without needing to log in separately to each one.
  • Reduced password fatigue: With fewer passwords to remember, users are less likely to resort to insecure password practices.
  • Improved user productivity: Users spend less time logging in and more time on productive tasks.
  • Centralized security controls: IT administrators can manage access policies and monitor authentication activities from a single platform.

How to implement SSO

We support SSO integration via SAML and OIDC. To help you get started, we have prepared comprehensive guides for each method:

These guides provide step-by-step instructions on seamlessly integrating your IDPs with Reltio.

Preparing for Multi-Factor Authentication

Reltio will require MFA for non-SSO users (users who cannot use SSO) starting November 4, 2024. Customers choosing not to leverage SSO will be able to use Reltio MFA (Google Authenticator, Microsoft Authenticator, etc.), which will be available by mid-September 2024. Email-based MFA will be available shortly after.

Key dates:

  • September 16, 2024: MFA becomes available for all users, who can begin enrolling in their preferred authenticator apps.
  • November 4, 2024: MFA requirement begins. Users without MFA will receive Time-Based One-Time Passwords (TOTPs) via email until they enroll in an authenticator app.

Managing service accounts

All customers must adopt client credentials and stop using username/password for API access immediately. Reltio will disallow API access using username/password by the end of October 2024. Client credentials are required for any integration or API usage with Reltio. Client credentials authentication is the secure, standards-compliant method for accessing Reltio’s platform, and it provides granular control and audit trails for services.

Next steps

To ensure a smooth transition and enhance the security of your accounts, we recommend the following steps:

  1. Implement SSO: Use the provided guides to integrate SSO for your users and tenants.
  2. Prepare for MFA: Be ready for MFA if SSO is only partially implemented or not implemented at all. In other words, if you don’t enable SSO for all your users, your non-SSO users will have to enroll in MFA.
  3. Migrate Service Accounts: Transition service accounts to client credentials to maintain uninterrupted automated processes.

Support and resources

We understand that changes to your login process may require adjustment. We are working on additional documentation and resources for you.

If you have any questions, you can read our FAQ. Otherwise, please contact your preferred partner or our support team at support@reltio.com.